Software Supply Chain Security

Our Software Supply Chain Security experts share insights to help you manage security issues in your software supply chain, from end to end.

Top Writers

Mike McGuire

Fred Bals

Patrick Carey

Last Published

14 Stories

7 Writers

AI coding security gap: 76% of orgs expose software supply chain to risk

Corey Hamilton

Dec 17, 2025 | 1 min read

Black Duck’s product release round-up: faster fixes, smarter security

Oct 27, 2025 | 1 min read

The Shai-Hulud npm malware attack: A wake-up call for supply chain security

Mike McGuire

Sep 18, 2025 | 2 min read

The recent npm supply chain attack: Lessons in securing your software dependencies

Mike McGuire

Sep 11, 2025 | 3 min read

What you need to know about the NIST Secure Software Development Framework

Fred Bals

Aug 12, 2025 | 5 min read

Unlocking the full potential of application security: Key findings from the Black Duck customer value study

Jason Schmitt

Jul 24, 2025 | 4 min read

Understanding Section 524B of the FD&C Act

Mike McGuire

Jul 08, 2025 | 6 min read

Beyond detection: Understanding vulnerability reachability in SCA

Mike McGuire

Jun 30, 2025 | 6 min read

The 2025 OSSRA report uncovers answers to common open source questions

Fred Bals

Mar 12, 2025 | 4 min read

Top open source licenses and legal risk for developers

Fred Bals

Mar 05, 2025 | 8 min read

Understanding the DeepSeek model license: Balancing openness and responsibility

Rich Kosinski

Feb 04, 2025 | 2 min read

Analyze AI-Generated Code with the Black Duck Snippet API

Mike McGuire

Feb 03, 2025 | 4 min read

Understanding generative AI risks in software development

Phil Odence

Oct 24, 2024 | 3 min read

AI-Generated Code Security Concerns Image

Is AI-generated code secure? Maybe. Maybe not.

Patrick Carey

Jun 12, 2024 | 4 min read

Top Writers

Mike McGuire

Fred Bals

Patrick Carey

Last Published