[Webinar] Deploy Containers Confidently With Synopsys and Google

In our BinAuthz webinar, Sandra Guo (Google) and Tomas Gonzalez (Synopsys) explain Black Duck’s role in the software signing process. Live May 16 @ noon ET.

[Webinar] 2019 Open Source Security Report: Persistent Challenges and Forward Progress

In our 2019 OSSRA webinar, Tim Mackey discusses trends in open source usage and risk management from the latest OSSRA report. Watch live May 9 @ 12 p.m. ET.

The 2019 Open Source Security and Risk Analysis report is here!

Analysis of over 1,200 codebases reveals trends in open source use, security, and license compliance that affect your development, security, and legal teams.

Why your development team should care about software compliance

Software compliance isn’t just a concern of security, development, and legal executives. Your developers and development managers should care about it too. Here’s why. How do you evaluate the quality of an application? A simple quality chec…

Treating security like safety: What the FDA’s recognition of UL 2900-2-1:2018 means for developers

UL 2900-2-1 calls for the secure design and security testing of medical devices. What does the FDA’s adoption of the standard mean for your development team? By Dan Lyon and Garrett Sipple. The original version of this post was published on MedTec…

Complex but helpful: Negotiating FDA guidance to build a cybersecurity program

FDA cybersecurity guidance is informed by a long list of standards and recommendations. How can manufacturers translate these documents into practices? By Dan Lyon and Garrett Sipple. The original version of this post was published on MedTech Engine. In…

How to choose between enterprise and open source static analysis

Both enterprise and open source static analysis tools can boost your application security program. But each has its strengths. Learn more before you choose one. Static analysis (SAST) technologies analyze application code for security and quality defec…

Announcing the Polaris Software Integrity Platform

The Polaris platform integrates the Synopsys Software Integrity portfolio into an easy-to-use solution so you can build secure, high-quality software faster. By Neal Goldman and Utsav Sanghani. We’re excited to introduce the Polaris Software Integ…

The hidden costs and risks of free puppies (and open source)

SCA tools are an essential part of your AppSec toolkit, because free and open source software—just like free puppies—comes with hidden costs and risks. This entry in our BSIMM Monthly Insights series was contributed by guest author Stacy Mo…