Oct 08, 2024/5 min read Key insights from Black Duck’s 2024 Global State of DevSecOps report By Fred Bals Tags: SIG, Security News & Trends, DevSecOps
May 16, 2024/3 min read The changing face of software supply chain security risk By Fred Bals Tags: SCA, Secure the Software Supply Chain
Apr 08, 2024/5 min read What is the Xz Utils Backdoor : Everything you need to know about the supply chain attack By Fred Bals Tags: Secure the Software Supply Chain
Apr 01, 2024/8 min read Top open source licenses and legal risk for developers By Fred Bals Tags: SCA, OSS License Compliance
Mar 19, 2024/4 min read 2024 OSSRA report: Open source license compliance remains problematic By Fred Bals Tags: Artificial Intelligence, Manage Security Risks, OSS License Compliance
Mar 17, 2024/5 min read What is a software bill of materials? By Fred Bals Tags: SCA, Secure the Software Supply Chain
Mar 16, 2024/3 min read CVE-2017-5638: The Apache Struts vulnerability explained By Fred Bals Tags: Security News & Trends, Secure the Software Supply Chain
Mar 06, 2024/4 min read 2024 OSSRA Report: Outdated code risk in open source components By Fred Bals Tags: Security News & Trends, Secure the Software Supply Chain, Manage Security Risks
Feb 27, 2024/4 min read 2024 Open Source Security and Risk Analysis Report By Fred Bals Tags: SCA, Security News & Trends, Secure the Software Supply Chain
Jan 04, 2024/2 min read DevSecOps practices to maintain developer velocity By Fred Bals Tags: DevSecOps, Manage Security Risks
Dec 04, 2023/3 min read Shifting everywhere: The importance of continuous testing in the software development life cycle By Fred Bals Tags: DevSecOps
Nov 14, 2023/3 min read Software Vulnerability Snapshot Report Findings By Fred Bals Tags: DAST, Security News & Trends, Pen Testing, Web AppSec
Oct 18, 2023/2 min read DevSecOps Report: ASPM and its impact on software security By Fred Bals Tags: Security News & Trends, DevSecOps
Jun 30, 2023/2 min read Defending against malicious packages in the npm ecosystem and beyond By Fred Bals Tags: SCA, Manage Security Risks
Jun 26, 2023/7 min read 2023 OSSRA deep dive: High-risk vulnerabilities By Fred Bals Tags: Manage Security Risks, OSS License Compliance
May 10, 2023/4 min read 2023 OSSRA deep dive: jQuery and open source security By Fred Bals Tags: SCA, Secure the Software Supply Chain, OSS License Compliance
Mar 26, 2023/2 min read Synopsys Global Partner Program Receives CRN® 5-Star Rating for Second Consecutive Year By Fred Bals Tags: Security News & Trends
Dec 07, 2020/4 min read 6 Findings from DevSecOps Practices' Survey By Fred Bals Tags: AppSec Best Practices, DevSecOps, Manage Security Risks
Sep 29, 2020/3 min read Making SCA part of your AST Strategy By Fred Bals Tags: SCA, Security News & Trends, Secure the Software Supply Chain
Sep 10, 2020/4 min read TANSTAAFL! The tragedy of the commons meets open source software By Fred Bals Tags: Manage Security Risks
Jun 01, 2020/3 min read Why developers need a supplemental source to NVD vulnerability data By Fred Bals Tags: SCA, Build Security into DevOps
Feb 18, 2020/5 min read There’s no such thing as TMI when it comes to open source software By Fred Bals Tags: SCA, Security News & Trends
Jan 22, 2020/5 min read Coverity & Black Duck together. Better. Faster. Stronger. By Fred Bals Tags: SCA, Build Security into DevOps, SAST
Nov 12, 2019/3 min read Blue Yonder: Extending their SDLC to remediate open source issues By Fred Bals Tags: SCA
Feb 10, 2019/2 min read 3 takeaways from “Managing the Business Risks of Open Source” webinar By Fred Bals Tags: SCA, Security News & Trends, Manage Security Risks, OSS License Compliance
Oct 09, 2018/2 min read Why you need to perform open source due diligence in an M&A transaction By Fred Bals Tags: M&A, OSS License Compliance
Sep 30, 2018/3 min read CVE-2018-11776 and why you need Black Duck Security Advisories By Fred Bals Tags: SCA, Security News & Trends
Aug 27, 2018/2 min read CVE-2018-11776: The latest Apache Struts vulnerability By Fred Bals Tags: SCA, Security News & Trends, CyRC
Aug 14, 2018/2 min read The AppSec alphabet soup: A guide to SAST, IAST, DAST, and RASP By Fred Bals Tags: IAST, Web AppSec, SAST, Manage Security Risks
Jan 23, 2018/2 min read When software is the company, tech due diligence is critical By Fred Bals Tags: M&A, SCA, OSS License Compliance
Sep 14, 2017/3 min read Equifax, Apache Struts, and CVE-2017-5638 vulnerability By Fred Bals Tags: Security News & Trends, Secure the Software Supply Chain, Manage Security Risks
Apr 04, 2017/3 min read Cloudera IPO: Risk for cyber attacks, lawsuits, and loss of IP? By Fred Bals Tags: M&A, Manage Security Risks, OSS License Compliance