Skip to content

Software Development News: .NET, Java, PHP, Ruby, Agile, Databases, SOA, JavaScript, Open Source

Methods & Tools

Subscribe to Methods & Tools
if you are not afraid to read more than one page to be a smarter software developer, software tester or project manager!

Black Duck Software Press Releases
Syndicate content
Updated: 23 hours 28 min ago

What Vulnerability Assessment Tools Miss

Thu, 02/18/2016 - 19:00
Webinar

Open source software and code has become common place in application development, as have the use of vulnerability assessment tools. After all, no one wants to be the victim of the next Heartbleed, Poodle or Logjam. But vulnerability assessment tools, while helpful, have blind spots. How can you ensure that you are protecting your networks and applications from newly disclosed vulnerabilities? Join Black Duck Software and (ISC)2 on February 18, 2016 at 1:00PM Eastern for a discussion on VA Tools, Open Source Assets and secure application developmen

What Vulnerability Assessment Tools Miss Asset Value:  Low value Redirect:  https://www.brighttalk.com/webcast/5385/189897
Categories: Vendor

Black Duck & IBM Present: Application Security in the Age of Open Source

Thu, 02/18/2016 - 17:00
Webinar

Whether you’re developing applications for internal use or for your customers, keeping them secure is no easy feat. After all, today's applications are a healthy mix of open source and custom code. Identifying and resolving security vulnerabilities in both requires the right tools and know-how. Join IBM and Black Duck for an educational webinar on what it takes to keep your apps safe.

Black Duck & IBM Present: Application Security in the Age of Open Source Asset Value:  Low value Redirect:  http://info.blackducksoftware.com/ibm-webinar-Feb18.html
Categories: Vendor

The 2015 Open Source Year in Review

Wed, 02/03/2016 - 17:30
Webinar

This annual review will highlight the most significant legal developments related to open source software in 2015, including:

  • New lawsuits: enforcing GPLv2 and more patent litigation
  • GPL Guides
  • FOSS Trademark Issues
  • Android Community F
  • OSS Business Model
  • Launch of New Global Collaboration Platforms 

Gain insights into these important legal developments from two of the leading open source legal experts, Karen Copenhaver, Partner at Choate Hall & Stewart and Counsel for the Linux Foundation, Mark Radcliffe, Partner at DLA Piper and General Counsel for the Open Source Initiative (OSI). 

Webinar Date: Wednesday, February 3, 2016 at 11:30 AM ET

Speakers:

Karen Copenhaver
Partner at Choate Hall & Stewart and Counsel for the Linux Foundation

Mark Radcliffe
Partner at DLA Piper and General Counsel for the Open Source Initiative (OSI)

Click here to register.

The 2015 Open Source Year in Review SF Campaign ID:  701600000014svp Asset Value:  Low value Redirect:  http://info.blackducksoftware.com/The-2015-Open-Source-Year-in-Review-Registrati... Lead Segment:  License
Categories: Vendor

(ISC)² Secure Boston - Healthcare 2016

Thu, 01/21/2016 - 19:22

SecureBoston-Healthcare2016
September 27, 2016
Registration Opens at 8:00 a.m.
Conference Hours: 9:00 a.m.-5:00 p.m.

The Unique Challenges of Securing Information in Healthcare Organizations

Learn more.

Event Dates:  Tuesday, September 27, 2016 Lead Segment:  License
Categories: Vendor

(ISC)² Secure Denver 2016

Thu, 01/21/2016 - 19:20

SecureDenver2016
June 17, 2016
Registration Opens at 8:00 a.m.
Conference Hours: 9:00 a.m.-5:00 p.m.

Threat Intelligence – From Haystacks to Needles

Learn more.

Event Dates:  Friday, June 17, 2016 Lead Segment:  License
Categories: Vendor

(ISC)² Secure Kansas City 2016

Thu, 01/21/2016 - 19:14

SecureKansasCity2016

April 8, 2016
Registration Opens at 8:00 a.m.
Conference Hours: 9:00 a.m.-5:00 p.m.

Managing the Risk in Your Enterprise  

Learn more.

Event Dates:  Friday, April 8, 2016 Lead Segment:  License
Categories: Vendor

Tech|Forum Security Forum

Thu, 01/21/2016 - 19:02

TechForum's Security Forum
March 24th, 2016 8AM-4:30PM
Central Manhattan location, NYC

TechForum's Security Forum is a twice-yearly, invitation-only conference for practicing end-user IT managers at mid-to large companies, and exhibiting vendors. Security Forum promotes dialogue between buyers and sellers of new and disruptive technologies around the key cybersecurity and risk management issues facing large enterprise organizations. We take a real-world approach to technologies which are fundamentally changing corporate IT. In our interactive panels and targeted presentations, IT managers who are implementing secure solutions in the enterprise engage with a select group of vendors in discussion. If you want first-rate social networking-along with a serious reality check of the promises and pitfalls of security in the cloud. you'll want to be a part of this must-attend event for security managers.

Attendance is restricted to end-user IT managers who work directly for mid-size to large enterprise organizations, and sponsoring vendors.

Learn more.

Event Dates:  Thursday, March 24, 2016 Lead Segment:  License
Categories: Vendor

(ISC)² Secure Seattle 2016

Thu, 01/21/2016 - 18:57

SecureSeattle2016

March 15, 2016
Registration Opens at 8:00 a.m.
Conference Hours: 9:00 a.m.-5:00 p.m.

Security in the Cloud

Learn more.

Event Dates:  Tuesday, March 15, 2016 Lead Segment:  License
Categories: Vendor

(ISC)² Secure Phoenix 2016

Thu, 01/21/2016 - 18:53

SecurePhoenix2016

March 10, 2016
Registration Opens at 8:00 a.m.
Conference Hours: 9:00 a.m.-5:00 p.m.

Threat Intelligence – From Haystacks to Needles

Learn more.http://www.cvent.com/events/-isc-securephoenix2016/event-summary-0793160f4bcc4d90ae1d1b6a04fb78b2.aspx

Event Dates:  Thursday, March 10, 2016 Lead Segment:  License
Categories: Vendor

RSA Security Summit

Thu, 01/21/2016 - 18:41

RSA Conference 2016
Moscone Center, San Francisco
February 29 - March 4, 2016

South Expo Booth #S314

The RSA Conference Expo gives you an opportunity to connect with Information Security leaders in two main halls - North Expo and South Expo.  Come see how RSA Conference exhibitors offer you the latest technological solutions, provide hands-on learning opportunities and demonstrate how they can help you better secure your organization.

Learn more.

Event Dates:  Monday, February 29, 2016 to Friday, March 4, 2016 Lead Segment:  License
Categories: Vendor

IBM - InterConnect

Thu, 01/21/2016 - 18:26

InterConnect 2016 
The Premier Cloud & Mobile Conference 

February 21 – 25, 2016
MGM Grand & Mandalay Bay
Las Vegas, NV

Learn more now.

Event Dates:  Sunday, February 21, 2016 to Thursday, February 25, 2016 Lead Segment:  License
Categories: Vendor

(ISC)² Secure San Antonio 2016

Wed, 01/20/2016 - 22:36

SecureSanAntonio2016

February 4, 2016

Registration Opens at 8:00 a.m.

Conference Hours: 9:00 a.m.-5:00 p.m.

1:15 p.m.-2:00 p.m- Open Source Security What Security Testing Tools Miss - Black Duck Software

Static analysis, dynamic analysis, and other testing tools are all essential weapons against adversaries.  But for the 80%+ of companies worldwide that use open source software in their application development these tools are ineffective in identifying and mitigating open source security risks . This presentation will cover: The value of static and dynamic tools, and where they best fit in the Secure Development Lifecycle

  • Why these tools are not useful in identifying known vulnerabilities in open source components
  • Controls development and security professionals can deploy to select, detect, manage and monitor open source for existing and newly disclosed vulnerabilities

Website.

Event Dates:  Thursday, February 4, 2016 Lead Segment:  License
Categories: Vendor

(ISC)² Secure Raleigh 2016

Wed, 01/20/2016 - 22:30

(ISC)² Secure Raleigh 2016

Hilton North Raleigh Midtown

Raleigh, NC

1:15 -2:00 p.m.- Open Source Security – What Security Testing Tools Miss - Mike Pittenger, Black Duck Software

Static analysis, dynamic analysis, and other testing tools are all essential weapons against adversaries. But for the 80%+ of companies worldwide that use open source software in their application development these tools are ineffective in identifying and mitigating open source security risks . This presentation will cover: The value of static and dynamic tools, and where they best fit in the Secure Development Lifecycle

  • Why these tools are not useful in identifying known vulnerabilities in open source components
  • Controls development and security professionals can deploy to select, detect, manage and monitor open source for existing and newly disclosed vulnerabilities

Website

Event Dates:  Thursday, January 21, 2016 Lead Segment:  License
Categories: Vendor

Security and The Automotive Development LifeCycle

Thu, 11/19/2015 - 16:00
Webinar

Cybersecurity, rather than being the aim of application development, often exists in opposition to delivery of software and software-enabled automotive systems.  Even with multi-year product roadmaps, developers of automotive applications face the same pressures as their enterprise and consumer electronics counterparts. There are constant pressures to prototype, create and deliver software on-time and at budget, and to meet ever more aggressive lifecycles and shorter market windows. Consequently, software is often deployed with the “paint-still-wet” core functionality mostly in place, but without additional investment needed to harden applications and systems against cyberattack.

This webinar, presented by the GENIVI Alliance, will review the evolving automotive product lifecycle and examine ways and means to integrate cybersecurity as an integral part of software development. In particular, it will lay out best practices for “appsec”, including, security tools (e.g., for code quality), vulnerability tracking, supply chain security, pen testing, development vs. deployment configuration management, and security in both traditional (waterfall) development and agile environments.

Moderator:  Bill Weinberg, Senior Director, Open Source Strategy at Black Duck Software

Panelist #1: Anuja Sonalker, Ph.D, VP Engineering & Operations, North America at TowerSec Automotive Cyber Security

Panelist #2: Mike Ridge, Founding Partner, Silent CyberTo Be Announced

Panelist #3: To Be Announced

 

PANELIST BIOGRAPHIES:


Moderator:
BILL WEINBERG
Senior Director
Open Source Strategy
Black Duck Software

Bio: Bill helps Fortune 1000 clients create sound approaches to enable, build, and securely deploy open source software across the enterprise, in the cloud, and on intelligent devices.   With a career spanning over thirty years, Bill’s expertise bridges open source business and technology, development tools, application and system security, mobile/embedded software, and the Internet of Things.  

Prior to Black Duck, Bill ran his own open source consultancy, Linux Pundit.  Earlier, as General Manager of the Linux Phone Standards Forum, he worked to establish standards for mobile telephony middleware.  As a founding team-member at MontaVista Software, he pioneered Linux as leading platform for intelligent and mobile devices, and  as Senior Analyst at OSDL (today, the Linux Foundation), he ran Carrier Grade and Mobile Linux initiatives and worked closely with foundation members and open source community participants.

Register Now Asset Value:  Low value Lead Segment:  License
Categories: Vendor

European Cybersecurity and Data Protection Laws and the Implications for Managing Open Source

Thu, 11/19/2015 - 16:00
Webinar

Open source makes up 30% of the code estate of most organizations today and that number will only rise. While there is nothing specifically unsecure about open source, managing vulnerabilities in open source components does require a new and different process. Legal, security and development functions can and should combine forces to ensure that their organization gets all the benefits of open source software while managing the risks, particularly in the face of new regulation..

Andrew Joint and Alex Cravero from Kemp Little will join Matt Jacobs from Black Duck to explore:

  • What new regulations require 
  • What they will mean for open source and 
  • How your company can prepare
Register Now Asset Value:  Low value Lead Segment:  License
Categories: Vendor

Seminar: Managing Open Source To Maximize Opportunity And Minimize Legal Risk

Mon, 11/16/2015 - 23:28

BakerHostetler
Register Now 45 Rockefeller Plaza
New York, NY
14th Floor
8:30am-11:30am

Continental Breakfast will be served 

Tightening budgets and competitive pressures have many technology companies turning to open source software (OSS) to increase agility and accelerate innovation. However, a recent Gartner report states that 50% of companies will face challenges due to a lack of OSS policy and management.

While OSS provides many competitive advantages, most technology companies are yet to uncover its full potential. Many have no strategy for optimizing development with OSS and often ignore or are unaware of the technical, business and legal challenges of multi-source development. Companies are similarly unaware that the OSS being used within their business environment and, in many cases, already contained within their own proprietary code, may be subject to a myriad of security vulnerabilities and exploits. Indeed, OSS governance has moved past traditional license compliance concerns and the focus on the secure use of OSS has moved front and center.   

We invite you to attend our legal seminar where Judy Selby, Partner, and Oren Warshavsky, Partner at BakerHostetler and Matthew Jacobs, General Counsel at Black Duck Software will cover:

  • The latest OSS trends 
  • Overviews of some of the most popular OSS licenses (including the GPL)
  • OSS, a focus on security 
  • Policy, Procedures and Best Practices
  • Some common case studies for OSS 
Event Dates:  Thursday, December 3, 2015 Lead Segment:  License
Categories: Vendor

What Security Tools Miss

Thu, 11/12/2015 - 17:00
Webinar

Static analysis tools, dynamic analysis tools, and PEN testing tools are all essential weapons against the “bad guys.”  But for the 78% of companies worldwide that use open source software in their application development these tools are ineffective in identifying and mitigating open source security risks across their application portfolios.
 
Join Mike Pittenger, VP of Product Strategy at Black Duck Software as he discusses what these tools miss and how to:

  • Automate the identification of all the open source – including code snippets –  throughout their code base
  • Automatically map known open source security vulnerabilities to the open source that is in use
  • Accelerate the triage process and track remediation
  • Continuously and dynamically monitor all open source in the code for newly identified vulnerabilities.
SF Campaign ID:  70160000000pmi1 Asset Value:  Low value Redirect:  https://www.blackducksoftware.com/resources/webinar/what-security-tools-miss Lead Segment:  License
Categories: Vendor

Open Source Software Security – Risk, Rewards and Regulation

Wed, 11/04/2015 - 16:00
Webinar

In this webinar, Black Duck Software, Thomas Eggar LLP and Control Risks review the role of open source in IT security and the applications and data under threat. It compares the risks and rewards of developing with and deploying open source in today’s hostile IT landscape, in particular as part of today’s multi-sourced IT supply chain. It explores the parallel threads of open source governance for IP protection and for application security. Finally, the webinar examines the role of government regulation in enhancing enterprise security, privacy and confidentiality, and also the potential (unintended) side-effects of regulation upon today’s software ecosystem.

Panel discussion on Open Source Software Security, featuring:

  • Daniel Hedley, Associate at Thomas Eggar LLP 
  • Oliver Fairbank, Cyber Threat Intelligence Analyst at Control Risks
  • Bill Weinberg, Senior Director of Open Source Strategy at Black Duck Software (@LinuxPundit)

 

SF Campaign ID:  701600000014qTo Asset Value:  Low value Redirect:  https://www.blackducksoftware.com/resources/webinar/open-source-software-securit... Lead Segment:  License
Categories: Vendor