Collaborate Disseminate
Developer communities like Stack Overflow are a great resource for your open source projects, but proper due diligence is required to manage compliance risks.
The post The 411 on Stack Overflow and open source license compliance appeared first on Sof… Continue reading The 411 on Stack Overflow and open source license compliance
Open source vulnerabilities are on the rise according to the new OSSRA report. Get the latest information on open source security, compliance, and code quality risk.
The post What the 2021 OSSRA report tells us about the state of open source in comme… Continue reading What the 2021 OSSRA report tells us about the state of open source in commercial software
In this AppSec Decoded interview, we look at the top takeaways from the ‘DevSecOps Practices and Open Source Management in 2020’ report.
The post AppSec Decoded: What are organizations doing to manage open source vulnerabilities? appeared first on S… Continue reading AppSec Decoded: What are organizations doing to manage open source vulnerabilities?
Stay on top of open source vulnerabilities and license obligations with discovery capabilities from Black Duck.
The post Discovery capabilities: A core differentiator for Black Duck SCA appeared first on Software Integrity Blog.
The post Discovery ca… Continue reading Discovery capabilities: A core differentiator for Black Duck SCA
According to its official documentation, “twitter-server” is a Twitter OSS project used to provide a template from which servers at Twitter are built. It provides common application components such as an administrative HTTP server, tracing, stats, and … Continue reading CVE-2020-35774: twitter-server XSS Vulnerability Discovered
Synopsys surveyed 1,500 IT professionals working in cyber security to analyze the DevSecOps practices used to address open source vulnerability management.
The post Six key findings from the ‘DevSecOps Practices and Open Source Management in 2020’ re… Continue reading Six key findings from the ‘DevSecOps Practices and Open Source Management in 2020’ report
Most applications contain open source code, which can expose companies to risks if left unchecked. Make the most of your open source vulnerability management with the right approach and tooling.
The post Four requirements for open source vulnerabilit… Continue reading Four requirements for open source vulnerability management in a DevOps environment
Open source projects can become victims of their own success. What can developers do to secure their open source software?
The post TANSTAAFL! The tragedy of the commons meets open source software appeared first on Software Integrity Blog.
The post TA… Continue reading TANSTAAFL! The tragedy of the commons meets open source software
Learn what OpenChain is, how it works, and how companies around the world are using it to secure their software supply chains and reduce open source risk.
The post [Webinars] OpenChain and open source supply chain security appeared first on Software I… Continue reading [Webinars] OpenChain and open source supply chain security
Hear about the state of open source in our Red Hat partner webinar, discover our approach to threat modeling, and learn how to secure Node.js applications.
The post [Webinars] Open source, threat modeling, Node.js security appeared first on Software I… Continue reading [Webinars] Open source, threat modeling, Node.js security