What’s new in the 2021 ‘Open Source Security and Risk Analysis’ report

As the use of open source has grown, so has the number of vulnerabilities. Uncover the latest findings from the 2021 OSSRA report.
The post What’s new in the 2021 ‘Open Source Security and Risk Analysis’ report appeared first on Software Integrity Bl… Continue reading What’s new in the 2021 ‘Open Source Security and Risk Analysis’ report

What the 2021 OSSRA report tells us about the state of open source in commercial software

Open source vulnerabilities are on the rise, according to the new OSSRA report. Get the latest information on open source security, license compliance, and code quality risk.

Six key findings from the ‘DevSecOps Practices and Open Source Management in 2020’ report

Synopsys surveyed 1,500 IT professionals working in cyber security to analyze the DevSecOps practices used to address open source vulnerability management.

TANSTAAFL! The tragedy of the commons meets open source software

Open source projects can become victims of their own success. What can developers do to secure their open source software?

Why developers need a supplemental source to NVD vulnerability data

The NVD is a good source for open source vulnerability data. But with an average 27-day reporting delay, it shouldn’t be your only source of information.

Open source software use grows in Germany, but compliance and risk management need improvement

A new report from Bitkom reveals that among companies that use open source, many aren’t sure of the best way to approach open source risk management.

There’s no such thing as TMI when it comes to open source software

“Vulnerabilities in the Core,” a report from the Linux Foundation and the Laboratory for Innovation Science at Harvard, offers insight into open source use.

Taking the next step in your application security program

Already using static code analysis? Try boosting your application security program with software composition analysis to automate open source management.

Coverity & Black Duck together. Better. Faster. Stronger.

Using static application security testing (SAST) and software composition analysis (SCA) together makes your software development process better, faster, and stronger: SAST finds defects in the code you write, while SCA finds known vulnerabilities and license issues in the open source you pull in.