Software Integrity Blog

Archive for the 'Open Source Security' Category

 

[Webinars] Vulnerability reports, application security for DevOps and CI/CD

Learn how vulnerability reports can help you fix critical vulnerabilities effectively, and the essentials of application security for DevOps and CI/CD.

Posted in Agile, CI/CD & DevOps, Open Source Security, Software Composition Analysis (SCA), Software Security Program, Webinars

 

[Infographic] Key findings from the 2020 OSSRA report

Our 2020 OSSRA infographic shows key findings and open source trends from the Synopsys Open Source Security and Risk Analysis report. Download the free PDF.

Posted in Open Source Security

 

5 key takeaways from the 2020 Open Source Security and Risk Analysis report

Our analysis of 1,250+ codebases reveals trends in open source use, security, and license compliance that affect development, security, and legal teams.

Posted in Open Source Security

 

[Webinars] Open source governance, secure development

Learn about the 2020 OSSRA report findings and what they mean for open source governance, and why all software development should be secure development.

Posted in Developer Enablement, Open Source Security, Webinars

 

5 types of software licenses you need to understand

Different types of software licenses require you to meet certain obligations if you want to reuse the code. Here are 5 common types of software licenses.

Posted in Open Source Security

 

What is the Ghostcat vulnerability (CVE-2020-1938)?

Ghostcat (CVE-2020-1938) is an Apache Tomcat vulnerability that allows remote code execution in some circumstances. Here’s how to find and mitigate it.

Posted in Application Security, Open Source Security

 

How to deal with legacy vulnerabilities

Are you releasing software with legacy vulnerabilities that you put aside to address later but forgot about—or that you didn’t even know were in your code?

Posted in Application Security, Open Source Security

 

Open source software use grows in Germany, but compliance and risk management need improvement

A new report from Bitkom reveals that among companies that use open source, many aren’t sure of the best way to approach open source risk management.

Posted in Open Source Security

 

How do you effectively remediate the increasing sea of vulnerabilities?

With applications containing more and more open source, and 40+ vulnerabilities disclosed daily, how do you prioritize your remediation efforts?

Posted in Application Security, Open Source Security, Software Composition Analysis (SCA)

 

How to Cyber Security: Software is manufacturing

Modern software is a bit like manufacturing: gluing open source components together using proprietary code and tracking everything with a bill of materials.

Posted in Open Source Security, Software Composition Analysis (SCA)