How do you effectively remediate the increasing sea of vulnerabilities?

With applications containing more and more open source, and 40+ open source vulnerabilities disclosed daily, how do you prioritize your remediation efforts?

How to Cyber Security: Software is manufacturing

Modern software is a bit like manufacturing: gluing open source components together using proprietary code and tracking everything with a bill of materials.
The post How to Cyber Security: Software is manufacturing appeared first on Software Integrity…

[Webinars] Open source in M&A due diligence, cloud application security

Learn why an open source security review is key in M&A due diligence, and about the impact of cloud environments on application security considerations.

[Webinar] Effective Vulnerability Remediation Requires More Than One Data Point

With advanced policy management and best-in-class vulnerability reports, developers can fix the most critical vulnerabilities quickly and effectively.

There’s no such thing as TMI when it comes to open source software

“Vulnerabilities in the Core,” a report from the Linux Foundation and the Laboratory for Innovation Science at Harvard, offers insight into open source use.

What Does the New CVSS 3.1 Scoring Model Mean for Enterprise Security?

With thousands of security vulnerabilities reported each month in products ranging from hardware devices to firmware to popular software apps, how does one prioritise what needs the most attention? From a business and project management perspectiv…

Find and fix open source and proprietary code security defects in the IDE with Polaris and Code Sight

With new SCA capabilities, the Code Sight IDE plugin detects vulnerabilities (CVEs) in the open source you use, alongside weaknesses in proprietary code.

The “Big Hack” That Actually Happened – Chinese Military Implicated in Equifax Breach

In October 2018, Bloomberg published an article titled “The Big Hack: How China Used a Tiny Chip to Infiltrate U.S. Companies,” that sent shockwaves around the world. The implication – Chinese spies infiltrated nearly 30 U.S. companies…

[Webinars] Black Duck on VMware Cloud and open source scans

Learn about the addition of Black Duck to VMware Cloud Marketplace and the benefits and limitations of different types of open source scans.
The post [Webinars] Black Duck on VMware Cloud and open source scans appeared first on Software Integrity Blog…