Open source for lawyers: Costs of open source use

Open source might be free, but it’s not risk-free. Let’s examine the potential legal cost of open source use associated with license noncompliance.
The post Open source for lawyers: Costs of open source use appeared first on Software Integ…

[Webinars] CI/CD optimization and automated testing, open source audit reports

Learn how our CloudBees partnership helps users optimize CI/CD and automate AppSec testing, and what steps to take after you receive an open source audit report.

Top open source licenses and legal risk for developers

Learn about the top open source licenses used by developers, including the 20 most popular open source licenses, and their legal risk categories.

Cyber security audits top due diligence checklists

In a study by (ISC)², all executives and M&A professionals surveyed agreed that cyber security audits have become standard practice in tech due diligence.

The Open Source Cookbook: Prepping Your Kitchen

Over the course of this adventure into the culinary world of software development, we have drawn comparisons between open source software and cookie recipes, and equated open source risks to spoiled ingredients. When cooking, it’s imperative that…

[Webinars] NVD data feed alternatives and software security metrics

Learn about a better, faster alternative to NVD vulnerability data feeds and how to measure software security effectiveness and use metrics to drive change.

A More Secure Web Needs Developers, Defenders, Advocates, and OSS

How’s that deodorant of yours working? If you wanted to hear yesterday’s presentation you had to crowd in, close — it was standing room only.
Sonatype’s Derek Weeks (@weekstweets) presented at Global AppSec DC. The conference, s…

Introducing the Black Duck Jira Cloud integration

The Black Duck Jira Cloud integration is based on a flexible, customizable model, backed by the same Black Duck software composition analysis (SCA) product.