Skip to content

Software Development News: .NET, Java, PHP, Ruby, Agile, Databases, SOA, JavaScript, Open Source

Methods & Tools

Subscribe to Methods & Tools
if you are not afraid to read more than one page to be a smarter software developer, software tester or project manager!

Black Duck Software Press Releases
Syndicate content
Updated: 21 min 6 sec ago

View Recorded Webinars

Sun, 01/01/2017 - 05:59
View Recorded Webinarshleclair Sun, 01/01/2017 - 04:59 Resource Type Webinars Resource Content Black Duck has many webinars available on demand. Explore our webinar library today. Resource Link https://www.blackducksoftware.com/resources?type=31&topic=All&keyword= Exclude from resource page Exclude from resource page
Categories: Vendor

Contain your risk: Deploy secure containers with trust and confidence

Thu, 09/22/2016 - 16:00
Contain your risk: Deploy secure containers with trust and confidencehleclair Thu, 09/22/2016 - 15:00 Resource Type Webinars Resource Content Organizations are increasingly turning to container environments to meet the demand for faster, more agile software development. Resource Image Resource Link https://www.brighttalk.com/webcast/13983/215567?utm_campaign=website&utm_medium… Resource Topic Application Security Container Security Exclude from resource page No
Categories: Vendor

Managing Open Source in Application Security and SDLC

Thu, 09/15/2016 - 16:00
Managing Open Source in Application Security and SDLChleclair Thu, 09/15/2016 - 15:00 Resource Type Webinars Resource Content Cigital and Black Duck experts explain the impacts of open source on application security. Resource Image Resource Link https://www.brighttalk.com/webcast/13983/219915?utm_source=Web&utm_medium=Home%… Resource Topic Application Security Exclude from resource page No
Categories: Vendor

Former Defense Intelligence Agency Head Michael T. Flynn to Deliver Keynote at Black Duck’s “Flight16” Cybersecurity-focused User Conference

Thu, 09/08/2016 - 13:52
Former Defense Intelligence Agency Head Michael T. Flynn to Deliver Keynote at Black Duck’s “Flight16” Cybersecurity-focused User Conferencehleclair Thu, 09/08/2016 - 12:52

Outspoken retired Lt. General was short listed for Republican VP nomination

BURLINGTON, MA – Sept. 8, 2016 – Black Duck, a global leader in automated solutions for securing and managing open source software, today announced that retired Lt. Gen. Michael T. Flynn, former Director of the Defense Intelligence Agency in the Obama administration, will be a keynote speaker at Flight16, its inaugural user conference October 4-6 in Boston.

General Flynn, who delivered a passionate speech endorsing Donald Trump at the GOP’s convention in July, will provide his unique insider perspective on the security challenges and issues that keep U.S. intelligence officers awake at night.

“Cybersecurity is a top issue for every CEO and Board of Directors in the world. Throughout Flight16, our speakers, our panels and our hands-on technical training sessions will provide useful insights that will help our users keep their applications and containers secure,” said Black Duck CEO Lou Shipley.

“We’re very pleased to have a dynamic speaker and cybersecurity expert of Lt. Gen. Flynn’s stature to set the tone for our conference on day one,” said Shipley.

Additional keynote speakers during Flight16, which will be held at Boston’s Seaport Hotel & World Trade Center, will include Shipley, who has reshaped Black Duck into a leading open source security vendor over the last three years, and Cigital CTO Gary McGraw, an author and researcher who helped create the field of software security.

A first-of-its-kind event, Flight16 is an open source business, technical and educational conference featuring keynotes, sessions and panels focused on cybersecurity strategies.  

For more information and to register, please visit the conference page.

About Black Duck

Organizations worldwide use Black Duck’s industry-leading products to automate the process of securing and managing open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul, Vancouver and Beijing. For more information, visit www.blackducksoftware.com.

Media Contacts
Black Duck
Brian Carter
Director of Strategic Communications
bcarter@blackducksoftware.com
508.277.7570

PAN Communications
Michael O’Connell and Lisa Sorrentino
blackduck@pancomm.com
617.502.4300

Categories: Vendor

Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duck

Thu, 08/11/2016 - 16:00
Software Security Assurance for DevOps - Hewlett Packard Enterprise + Black Duckhleclair Thu, 08/11/2016 - 15:00 Resource Type Webinars Resource Content Open source powers everything from enterprise and mobile applications to cloud computing, containers and the Internet of Things. Resource Image Resource Link https://www.brighttalk.com/webcast/13983/215547?utm_campaign=website&utm_medium… Resource Topic Application Security Exclude from resource page No
Categories: Vendor

Black Duck Announces Creation of Global Center for Open Source Research & Innovation

Tue, 08/02/2016 - 14:00
Black Duck Announces Creation of Global Center for Open Source Research & Innovationhleclair Tue, 08/02/2016 - 13:00

Growing reliance on open source for application development underscores the need for more
cutting-edge research – particularly in security

BURLINGTON, MA – Aug 2, 2016 – Black Duck, a leader in automated solutions for securing and managing open source software, today announced it has created a Center for Open Source Research & Innovation (COSRI), noting that increasing reliance on open source for application development underscores the need for continuing investment in research.

“Open source is the way today’s applications are developed and we expect worldwide adoption will continue to accelerate because of the compelling economic and productivity benefits open source provides. Over the next decade, more cutting-edge research, innovation, information and education – particularly related to open source security – are needed to ensure the open source ecosystem remains vibrant. We will be a leader in that effort,” said Black Duck CEO Lou Shipley.

COSRI will be based at Black Duck’s Massachusetts headquarters and Shipley said the two new Black Duck research groups in Canada and Europe will play major roles in its initiatives.

Europe-based Black Duck Security Research analyzes security issues and attack patterns in open source software to provide customers with actionable information on vulnerabilities, corrective actions to reduce risk, and strategies for using open source effectively. The Vancouver, Canada group conducts applied research in data mining, machine learning, natural language processing, big data management and software engineering.

“Both groups will be sources of valuable research and reports throughout the year. Their work will help us innovate and improve our open source security and management solutions and a great deal of what they do will also be shared for the benefit of the open source community,” said Shipley.

Through COSRI, Black Duck will continue to issue periodic Open Source Security Audit (OSSA) reports analyzing results of applications audited by the company’s On-Demand business as part of M&A activities. Black Duck published a revealing report earlier this year highlighting the challenges organizations face in securing and managing their open source. One eye-opening OSSA finding was that 67 percent of the applications contained security vulnerabilities in open source components.

Shipley said the research teams’ work will also add to and enhance Black Duck’s KnowledgeBase™, the world’s most complete, current and accurate repository and database of open source software, associated licenses and other critical information, including known security vulnerabilities. “The KnowledgeBase is the foundation for our products and we’ve been building it for more than a decade. That work will continue uninterrupted as a component of COSRI,” he said.

Black Duck’s Open Hub, its online community and public directory of free and open source software (FOSS), will also be part of COSRI. Open Hub offers analytics and search services for discovering, evaluating, tracking and comparing open source code and projects.

“To continue to grow and thrive, open source needs an active community. Our investment in Open Hub will continue as we include it under the COSRI umbrella,” Shipley said.

About Black Duck

Organizations worldwide use Black Duck’s industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.

Media Contacts
Black Duck
Brian Carter
Director of Strategic Communications
bcarter@blackducksoftware.com
508.277.7570

PAN Communications
Michael O’Connell and Lisa Sorrentino
blackduck@pancomm.com
617.502.4300

 

Categories: Vendor

Black Duck Announces Integration of Hub Solution with HPE Security Fortify Software Security Center

Wed, 07/13/2016 - 14:06
Black Duck Announces Integration of Hub Solution with HPE Security Fortify Software Security Centerhleclair Wed, 07/13/2016 - 13:06

Offering allows organizations to detect, prioritize and fix known open source vulnerabilities as well as vulnerabilities in custom code – all through a single view

BURLINGTON, MA – July 13, 2016 – Black Duck, a global leader in automated solutions for securing and managing open source software, today announced the integration of its flagship Hub solution into HPE Security Fortify Software Security Center (SSC), which helps organizations measure and control their application security posture and provides visibility into software risk across the enterprise.

Organizations developing applications today use a mix of custom and open source code, significantly increasing security risk, management complexity, and challenges.  With the integration of Black Duck Hub, organizations using HPE Security Fortify will be able to detect, prioritize and fix known open source vulnerabilities as well as custom code vulnerabilities – all through a single view in HPE Security Fortify Software Security Center.

“Use of open source has increased dramatically in the last five years because it cuts development costs and accelerates time to market. Open source is ubiquitous worldwide and can comprise 50 percent or more of a large organization’s code base. By integrating Black Duck Hub with HPE Security Fortify, customers will have visibility into and control of the open source they are using and also be able to identify known vulnerabilities.  This allows them to better understand and reduce their security risks,” said Lou Shipley, Black Duck CEO.

“A strong ecosystem of partners that adds security insight throughout the software development lifecycle is an essential element of the complete view of application security that HPE Security Fortify provides,” said Jason Schmitt, Vice President and General Manager, HPE Security Fortify, Hewlett Packard Enterprise. “This integration with Black Duck complements our existing secure development and security testing solutions by providing the ability to view the results of open source scanning alongside application security testing results to deliver a more complete and effective approach to managing application security.”

The key features of the Black Duck Hub and HPE Security Fortify integration include:

  • Deep Discovery of Open Source: Rapid scanning and identification of open source libraries, versions, license, and community activity powered by the Black Duck® KnowledgeBase™ – the world’s most complete open source database with detailed information on more than 1.5 million open source projects and 76,000+ known open source vulnerabilities.
  • Comprehensive Identification of Open Source Risks: Create an inventory of all open source in use and a map to known security vulnerabilities, identifying and prioritizing the severity of the vulnerability and exploring remediation steps.
  • Integrated Remediation Orchestration and Policy Enforcement: Open source vulnerability remediation prioritization, mitigation guidance, and automated policy management, allowing organizations to have visibility into their remediation efforts and manage their external and internal compliance mandates.
  • Continuous Monitoring for New Security Vulnerabilities: Ongoing monitoring and alerting on newly reported open source security vulnerabilities

For more information:

  1. Join a webinar co-hosted by Black Duck and HPE on Aug. 11, 2016, at 10 a.m. ET https://www.brighttalk.com/webcast/13983/215547
  2. Visit www.blackducksoftware.com/HPE or to see a demo video or request your own.
  3. Contact HPE@blackducksoftware.com for a further discussion, demo, or free trial.

About Black Duck

Organizations worldwide use Black Duck’s industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.

Media Contacts

Black Duck
Brian Carter
Director of Strategic Communications
bcarter@blackducksoftware.com
508.277.7570

PAN Communications
Michael O’Connell and Lisa Sorrentino
blackduck@pancomm.com
617-502-4300

Categories: Vendor

Open Source Security Audit Report for Applications

Thu, 06/23/2016 - 16:00
Open Source Security Audit Report for Applicationshleclair Thu, 06/23/2016 - 15:00 Resource Type Webinars Resource Content On average the applications contained more than twice as much open source as the organizations thought. Resource Image Resource Link https://www.brighttalk.com/webcast/13983/207441?utm_source=web&utm_medium=websi… Resource Topic Application Security Exclude from resource page No
Categories: Vendor

Breakfast briefing

Thu, 06/23/2016 - 13:57
Breakfast briefinghleclair Thu, 06/23/2016 - 12:57 07/07/2016 07/07/2016 Zurich https://info.blackducksoftware.com/LE-2016-Q2-Partner-Seminar-Object-EMEA_Landi…

Use of open source software is ubiquitous worldwide because it reduces development costs, frees developers to work on higher-level tasks and accelerates time to market. Open source is the way applications are developed today and because applications represent the greatest level of risk on the security-threat landscape, organisations recognise that maximising the benefits they get from open source requires more effective security and management.

Please join with industry experts for an educational breakfast seminar that will help you maintain development agility and secure your applications. Whether you’re employing a mix of custom and open source code, or using Docker containers. you face new and increasingly complex challenges.

Date: Thursday 7th July

Location: Clouds - Maagplatz 5, 8005 Zurich; Get directions 

Agenda:

08.30 - Buffet Breakfast
09.00 - Welcome - Oliver Huser, OBJECT 
09.10 - Welcome; Kevin Bland, Black Duck Software
09.30 - How to Manage and Secure your use of Open Source, Thimo Hueller, Black Duck Software
10.15 - Alfresco Use Case - Live Demo 
11.00 - Forum & Questions
11.15 - Networking 

Categories: Vendor

Strategies for Managing Open Source Security Risk

Wed, 06/22/2016 - 16:30
Strategies for Managing Open Source Security Riskhleclair Wed, 06/22/2016 - 15:30 Resource Type Webinars Resource Content Insight into the open source used in a code base is critical to managing security risks. Resource Image Resource Link https://www.brighttalk.com/webcast/13983/207429?utm_source=web&utm_medium=websi… Resource Topic License Compliance Exclude from resource page No
Categories: Vendor

Lunch & Learn Seminar - “What Security Tools Miss”

Thu, 06/16/2016 - 19:40
Lunch & Learn Seminar - “What Security Tools Miss”hleclair Thu, 06/16/2016 - 18:40 07/13/2016 07/13/2016 Burlington, MA http://bit.ly/29OZDTk

Join Mike Pittenger, VP of Product Strategy at Black Duck Software, at The Capital Grille Burlington, MA where he’ll discuss how your organization can:

  • Automate identification of all open source you’re using and map against known and newly identified vulnerabilities
  • Accelerate remediation
  • Take action today to better enforce open security without impacting an agile SDLC

Space is limited, so sign up today for “What Security Tools Miss”

When: 

July 13, 2016 from 12:00- 1:00 pm

Where:

The Capital Grille
10 Wayside Road
Burlington, Massachusetts 01803

Questions or Concerns?

Please contact Jenny Ho for more information! Register now.

Categories: Vendor

Lunch & Learn Seminar - “What Security Tools Miss”

Thu, 06/16/2016 - 19:34
Lunch & Learn Seminar - “What Security Tools Miss”hleclair Thu, 06/16/2016 - 18:34 07/20/2016 07/20/2016 San Jose, CA http://bit.ly/1Xs2SF0

Join Patrick Carey, Director of Product Marketing at Black Duck Software, at Morton's The Steakhouse, San Jose, California, where he’ll discuss how your organization can:

  • Automate identification of all open source you’re using and map against known and newly identified vulnerabilities
  • Accelerate remediation
  • Take action today to better enforce open source security without impacting an agile SDLC

Space is limited, so sign up today for “What Security Tools Miss”

When: 

July 20, 2016 from 12:00- 1:00 PM

Where:

Morton's The Steakhouse

177 Park Ave #100

San Jose, California 95113

Questions or Concerns? 

Please contact Jenny Ho for more information! Register here.

Categories: Vendor