Consider these three operational open source risk factors when using open source components: version currency, version proliferation, and project activity.
Posted in Mergers & Acquisitions, Open Source Security | Comments Off on Top 3 operational open source risk factors
How should you track open source? It’s almost definitely in your codebase, so the question is not whether to track it but what could happen if you don’t.
Posted in Open Source Security, Software Composition Analysis | Comments Off on You’re using open source software, and you need to keep track of it
Learn how to drive your software security initiative with metrics, and get practical advice for open source security with Red Hat, in our new webinars.
Posted in Maturity Model (BSIMM), Open Source Security, Webinars | Comments Off on [Webinars] Software security metrics and open source security
Technical due diligence on the target’s SDLC is a must for acquirers in software M&A. What you don’t know about their process and tools could hurt you.
Posted in Featured, Mergers & Acquisitions, Open Source Security, Software Composition Analysis | Comments Off on Technology company M&A: Do due diligence on SDLC process/tools
Synopsys and Red Hat have established a world-class partnership to enable open source management and application security testing in container environments.
Posted in Container Security, Open Source Security | Comments Off on Synopsys Software Integrity Group receives Red Hat Partner Award
An open source audit digs into a codebase to see what’s inside. Find out what our audit services team unearthed in the 1,200+ codebases we reviewed in 2018.
Posted in Mergers & Acquisitions, Open Source Security | Comments Off on Know your code—and know your stuff!
Learn about the magic of IAST, how to uncover the risks of APIs and web services in M&A, and how DoD and government agencies can mitigate software risks.
Posted in Interactive Application Security Testing (IAST), Mergers & Acquisitions, Open Source Security, Security Standards and Compliance, Webinars | Comments Off on [Webinars] Tech due diligence, IAST, and government software
Our 2019 OSSRA infographic shows trends and key findings from the latest Synopsys Open Source Security and Risk Analysis report. Download the free PDF.
Posted in Open Source Security | Comments Off on [Infographic] Findings from the 2019 OSSRA report
In our BinAuthz webinar, Sandra Guo (Google) and Tomas Gonzalez (Synopsys) explain Black Duck’s role in the software signing process. Available on demand.
Posted in Cloud Security, Container Security, Open Source Security, Webinars | Comments Off on [Webinar] Deploy Containers Confidently With Synopsys and Google
Building our new Synopsys Operator took some effort, but the results are impressive! Read our tips for creating your own Operator for Red Hat OpenShift.
Posted in Container Security, Open Source Security | Comments Off on Synopsys and Red Hat OpenShift 4: One smooth Operator!