Sorry, not available in this language yet

« Previous: Learn how to scale threat…

Next: Coverity: Setting the standard… »

Manage security risk in GitHub open source projects with CoPilot

Posted by Lisa Bryngelson on Thursday, January 11, 2018

Manage security risk in GitHub open source projects with CoPilot

CoPilot is a publicly-facing free application that allows owners of open source projects on GitHub to monitor security risk associated with used components as part of their Git Flow development process.

CoPilot supports a variety of CI/CD tools such as Travis and a variety of languages including Java, C#, Ruby, Scala, R and many others. Watch this brief video to learn how to set up and use CoPilot, plus a demo to help you understand how you can use this non-intrusive security risk assessment to demonstrate that you are responsible producers of open source software.

CoPilot also provides insight into the security vulnerabilities before merging them back into the main branch through pull request integration. Before you approve a pull request, CoPilot informs you which components will be added or removed, and how that affects your security risk level.

Try CoPilot out today to get an at-a-glance view of the security risk discovered in your GitHub project – plus how to mitigate that risk.

Watch this video to learn how to manage security risk in your GitHub open source projects.

This post is filed under Security news and research.

Lisa Bryngelson

Posted by

Lisa Bryngelson

Lisa Bryngelson is a senior product manager at Black Duck by Synopsys focused on working with our current Suite customers, helping them to transition to the new Black Duck platform. She is also working on new emerging product offerings like CoPilot. She has been with Black Duck since 2012, starting off in technical support, where she gained her desire to improve customers' experience, which lead her to take a product management position in an effort to apply what she learned to directly influence the product direction. Prior to Black Duck, she has 19 years of software development experience in various positions for companies like Adobe and Sybase.

SEE AUTHOR ARCHIVE

More from Security news and research

CyRC Vulnerability Advisory: CVE-2023-32353, Apple iTunes local privilege escalation on Windows

CyRC Vulnerability Advisory: CVE-2023-32353, Apple iTunes local privilege escalation on Windows

Posted by Zeeshan Shaikh on June 1, 2023

Cybersecurity Research Center

Synopsys named in 2023 Fortress Cyber Security Awards

Synopsys named in 2023 Fortress Cyber Security Awards

Posted by Synopsys Editorial Team on May 31, 2023

Synopsys named a Leader in the 2023 Gartner® Magic Quadrant™ for Application Security Testing for the seventh year

Synopsys named a Leader in the 2023 Gartner® Magic Quadrant™ for Application Security Testing for the seventh year

Posted by Jason Schmitt on May 23, 2023

Software Integrity Group’s products and services

Synopsys and ReversingLabs sign agreement to enhance software supply chain risk management

Synopsys and ReversingLabs sign agreement to enhance software supply chain risk management

Posted by Synopsys Editorial Team on May 11, 2023

Subscribe

Related Tags