Software Integrity Blog

 

Shift even further left with blazing-fast Rapid Scan SAST

Why fixing software issues as you code matters and how Rapid Scan SAST can help.

Posted in Building secure software

 

Intelligent Orchestration and Code Dx: Security superheroes

Building security into DevOps has its challenges. Address them with a modern approach to AppSec using Intelligent Orchestration and Code Dx.

Posted in Building secure software

 

How an open source software audit works

Open source software audits can identify undetected issues in your codebase. Learn how our audit services can help you understand the risks during an M&A.

Posted in Open source and software supply chain risks

 

Code Dx brings game-changing capabilities to Synopsys

Synopsys acquires Code Dx to extend application security portfolio. Code Dx adds software vulnerability correlation, prioritization, and consolidated risk reporting.

Posted in Security news and research

 

AppSec Decoded: Smarter DevSecOps with Intelligent Orchestration

In this episode of AppSec Decoded, we discuss how Intelligent Orchestration enables speed and scale in DevSecOps.

Posted in Agile, CI/CD & DevOps, Application Security, Building secure software

 

DevSecOps at scale and speed with Intelligent Orchestration

AppSec shouldn’t compromise velocity. Learn how Intelligent Orchestration optimizes AppSec testing while removing complexity from DevOps toolchains.

Posted in Agile, CI/CD & DevOps, Featured, News & Announcements, Security news and research

 

Black Duck continues to expand vulnerability prioritization methods

Today’s release of Black Duck adds vulnerability impact analysis, which indicates whether your application executes vulnerable code. Let’s look at how this addition further augments your prioritization efforts.

Posted in Application Security, Security news and research, Software Composition Analysis (SCA)

 

Need a vulnerability assessment yesterday? Consider a Black Duck Audit

When you don’t have any time or resources to spare, Black Duck Audits provide a deep, accurate, rapid vulnerability assessment, plus remediation guidance.

Posted in Open source and software supply chain risks, Open Source Security

 

An introduction to installing Black Duck

Get started with the Dockerized Black Duck installation. This post outlines workplace specifications, tools, and steps for installing Black Duck.

Posted in Building secure software, Software Composition Analysis (SCA)

 

Black Duck Audits: Not just for M&A

If you don’t have an SCA tool, a software audit can give you a bill of materials needed for product releases, vendor requirements, and procuring insurance.

Posted in Mergers & Acquisitions, Open source and software supply chain risks, Open Source Security