Black Duck by Synopsys – WindowsTechs.com

Securing containers at scale

Posted on September 17, 2018 by Charlie Klein

Open source is the foundation of most modern applications. However, left untracked, open source can put containerized applications at risk of known vulnerabilities such as Heartbleed and CVE-2017-5638 found in Apache Struts. Tracking open source can be… Continue reading Securing containers at scale→

Struts flaw, SAST, IAST, DAST & RASP primer, hacking planes, ATMs, and water heaters

Posted on August 30, 2018 by Fred Bals

We wind up the month of August with stories on the latest Apache Struts hack—bad news, if you remember Equifax—and what you need to do now to protect yourself. Plus news on plane, ATM, and even water heater hacks, and a primer on what to lo… Continue reading Struts flaw, SAST, IAST, DAST & RASP primer, hacking planes, ATMs, and water heaters→

The intersection between IAST and SCA and why you need both in your security toolkit

Posted on August 29, 2018 by Tim Mackey

Two powerful yet relatively new technologies in application security testing are interactive application security testing (IAST) and software composition analysis (SCA). IAST solutions are designed to help organizations identify and manage security ris… Continue reading The intersection between IAST and SCA and why you need both in your security toolkit→

The Apache Software Foundation can take a joke, but not when it comes to licensing

Posted on August 15, 2018 by Phil Odence

The Apache Software Foundation’s legal group is an interesting microcosm in which to study open source license issues. Generally, what the Apache Software Foundation (ASF) deems good is good for companies looking to consume open source, and what&… Continue reading The Apache Software Foundation can take a joke, but not when it comes to licensing→