Using static code analysis (SAST) and software composition analysis (SCA) together makes your software development process better, faster, and stronger.
Posted in Application Security, Open Source Security, Software Composition Analysis (SCA), Static Analysis (SAST) | Comments Off on Coverity & Black Duck together. Better. Faster. Stronger.
Learn more about DevSecOps best practices, application security tools and features, and key legal developments related to open source in 2019.
Posted in Agile, CI/CD & DevOps, Application Security, Open Source Security, Webinars | Comments Off on [Webinars] DevSecOps best practices, AppSec tools, and the year in open source
Ongoing legal considerations associated with open source use include license enforcement, dual licensing, and deciding whether to license out your own code.
Posted in Mergers & Acquisitions, Open Source Security | Comments Off on Open source for lawyers: Ongoing implications of open source use
Open source is widespread because it’s easy to use. But it comes with unique security challenges, and poor open source management can be a costly liability.
Posted in Mergers & Acquisitions, Open Source Security | Comments Off on Open source for lawyers: Challenges of open source use
Learn how containerization changes the security paradigm, how to prevent security tool misuse, and what M&A participants should know about open source.
Posted in Container Security, Mergers & Acquisitions, Open Source Security, Software Security Program, Webinars | Comments Off on [Webinars] Container security, tool misuse and abuse, open source in M&A
With a software bill of materials (software BOM), you can respond quickly to the security, license, and operational risks that come with open source use.
Posted in Open Source Security, Software Composition Analysis (SCA) | Comments Off on What is a software bill of materials?
Smart organizations in the business of building software need to use a mix of application testing tools to ensure their code is high-quality and secure.
Posted in Open Source Security, Software Composition Analysis (SCA) | Comments Off on JDA Software: Extending their SDLC to remediate open source issues
Open source might be free, but it’s not risk-free. Let’s examine the potential legal cost of open source use associated with license noncompliance.
Posted in Mergers & Acquisitions, Open Source Security | Comments Off on Open source for lawyers: Costs of open source use
Learn how our CloudBees partnership helps users optimize CI/CD and automate AppSec Testing, and steps to take after you get an open source audit report.
Posted in Agile, CI/CD & DevOps, Mergers & Acquisitions, Open Source Security, Webinars | Comments Off on [Webinars] CI/CD optimization and automated testing, open source audit reports
Learn about five ways to approach risk ranking in vulnerability management, and hear key insights into real-life software security programs from BSIMM10.
Posted in Open Source Security, Software Security Program, Webinars | Comments Off on [Webinars] How to risk rank vulnerabilities, insights from BSIMM10
