Skip to content

Software Development News: .NET, Java, PHP, Ruby, Agile, Databases, SOA, JavaScript, Open Source

Methods & Tools

Subscribe to Methods & Tools
if you are not afraid to read more than one page to be a smarter software developer, software tester or project manager!

Black Duck Software Press Releases
Syndicate content
Updated: 14 hours 57 min ago

View Recorded Webinars

Sun, 01/01/2017 - 05:59
View Recorded Webinarshleclair Sun, 01/01/2017 - 04:59 Resource Type Webinars Resource Content Black Duck has many webinars available on demand. Explore our webinar library today. Resource Link https://www.blackducksoftware.com/resources?type=31&topic=All&keyword= Exclude from resource page Exclude from resource page
Categories: Vendor

Open Source Security Audit Report for Applications

Thu, 06/23/2016 - 16:00
Open Source Security Audit Report for Applicationshleclair Thu, 06/23/2016 - 15:00 Resource Type Webinars Resource Content On average the applications contained more than twice as much open source as the organizations thought. Resource Image Resource Link https://www.brighttalk.com/webcast/13983/207441?utm_source=web&utm_medium=websi… Resource Topic Security Exclude from resource page No
Categories: Vendor

Breakfast briefing

Thu, 06/23/2016 - 13:57
Breakfast briefinghleclair Thu, 06/23/2016 - 12:57 07/07/2016 07/07/2016 Zurich https://info.blackducksoftware.com/LE-2016-Q2-Partner-Seminar-Object-EMEA_Landi…

Use of open source software is ubiquitous worldwide because it reduces development costs, frees developers to work on higher-level tasks and accelerates time to market. Open source is the way applications are developed today and because applications represent the greatest level of risk on the security-threat landscape, organisations recognise that maximising the benefits they get from open source requires more effective security and management.

Please join with industry experts for an educational breakfast seminar that will help you maintain development agility and secure your applications. Whether you’re employing a mix of custom and open source code, or using Docker containers. you face new and increasingly complex challenges.

Date: Thursday 7th July

Location: Clouds - Maagplatz 5, 8005 Zurich; Get directions 

Agenda:

08.30 - Buffet Breakfast
09.00 - Welcome - Oliver Huser, OBJECT 
09.10 - Welcome; Kevin Bland, Black Duck Software
09.30 - How to Manage and Secure your use of Open Source, Thimo Hueller, Black Duck Software
10.15 - Alfresco Use Case - Live Demo 
11.00 - Forum & Questions
11.15 - Networking 

Categories: Vendor

Strategies for Managing Open Source Security Risk

Wed, 06/22/2016 - 16:30
Strategies for Managing Open Source Security Riskhleclair Wed, 06/22/2016 - 15:30 Resource Type Webinars Resource Content Insight into the open source used in a code base is critical to managing security risks. Resource Image Resource Link https://www.brighttalk.com/webcast/13983/207429?utm_source=web&utm_medium=websi… Resource Topic Compliance Exclude from resource page No
Categories: Vendor

Lunch & Learn Seminar - “What Security Tools Miss”

Thu, 06/16/2016 - 19:40
Lunch & Learn Seminar - “What Security Tools Miss”hleclair Thu, 06/16/2016 - 18:40 07/13/2016 07/20/2016 Burlington, MA http://bit.ly/1UXPXVh

Join Mike Pittenger, VP of Product Strategy at Black Duck Software, at The Capital Grille Burlington, MA where he’ll discuss how your organization can:

  • Automate identification of all open source you’re using and map against known and newly identified vulnerabilities
  • Accelerate remediation
  • Take action today to better enforce open security without impacting an agile SDLC

Space is limited, so sign up today for “What Security Tools Miss”

When: 

July 13, 2016 from 12:00- 1:00 pm

Where:

The Capital Grille

10 Wayside Road

Burlington, Massachusetts 01803

Questions or Concerns?

Please contact Jenny Ho for more information! Register now.

Categories: Vendor

Lunch & Learn Seminar - “What Security Tools Miss”

Thu, 06/16/2016 - 19:34
Lunch & Learn Seminar - “What Security Tools Miss”hleclair Thu, 06/16/2016 - 18:34 07/20/2016 07/20/2016 San Jose, CA http://bit.ly/1Xs2SF0

Join Patrick Carey, Director of Product Marketing at Black Duck Software, at Morton's The Steakhouse, San Jose, California, where he’ll discuss how your organization can:

  • Automate identification of all open source you’re using and map against known and newly identified vulnerabilities
  • Accelerate remediation
  • Take action today to better enforce open source security without impacting an agile SDLC

Space is limited, so sign up today for “What Security Tools Miss”

When: 

July 20, 2016 from 12:00- 1:00 PM

Where:

Morton's The Steakhouse

177 Park Ave #100

San Jose, California 95113

Questions or Concerns? 

Please contact Jenny Ho for more information! Register here.

Categories: Vendor

EY Announces Black Duck CEO Lou Shipley is Named an EY Entrepreneur Of The Year® New England 2016 Finalist

Tue, 05/31/2016 - 14:00
EY Announces Black Duck CEO Lou Shipley is Named an EY Entrepreneur Of The Year® New England 2016 Finalisthleclair Tue, 05/31/2016 - 13:00

BURLINGTON, MA, May 31, 2016 – EY has announced that Black Duck CEO Lou Shipley is a finalist for the EY Entrepreneur Of The Year® 2016 Award in the New England program. The awards program recognizes entrepreneurs who demonstrate excellence and extraordinary success in such areas as innovation, financial performance and personal commitment to their businesses and communities.

Shipley was selected as a finalist by a panel of independent judges. Award winners will be announced at a special gala event on June 23, 2016, at the Boston Marriott Copley Place.

“The quality and success of the companies that made it to the semifinals was impressive. EY’s overall vetting process is thorough and I’m sure it was very difficult for the finalist judges to eliminate anyone. Reaching the finals is encouraging to me because it confirms what I believe – that the Black Duck team is on the right track and we’re building a great company,” said Shipley.

Now in its 30th year, the EY Entrepreneur Of The Year program has expanded to recognize business leaders in more than 145 cities in more than 60 countries throughout the world.

Regional award winners are eligible for consideration for the EY Entrepreneur Of The Year National program. Award winners in several national categories, as well as the EY Entrepreneur Of The Year National Overall Award winner, will be announced at the EY Entrepreneur Of The Year National Awards gala in Palm Springs, California, on November 19, 2016. The awards are the culminating event of the EY Strategic Growth Forum®, the nation’s most prestigious gathering of high-growth, market-leading companies.

Sponsors

Founded and produced by EY, Entrepreneur Of The Year is nationally sponsored nationally by SAP America, Merrill Corporation and the Ewing Marion Kauffman Foundation. In New England, sponsors also include Fama PR, Goodwin Procter, Isenberg School of Management at the University of Massachusetts Amherst, Nixon Peabody LLP and The True Capital. Other sponsors include Chatham Financial, Empire Valuation Consultants, Morgan Lewis and T3 Advisors.

About Black Duck Software

Organizations worldwide use Black Duck Software’s industry-leading products to automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.

About EY Entrepreneur Of The Year®

EY Entrepreneur Of The Year is the world’s most prestigious business award for entrepreneurs. The unique award makes a difference through the way it encourages entrepreneurial activity among those with potential and recognizes the contribution of people who inspire others with their vision, leadership and achievement. As the first and only truly global award of its kind, Entrepreneur Of The Year celebrates those who are building and leading successful, growing and dynamic businesses, recognizing them through regional, national and global awards programs in more than 145 cities in more than 60 countries.

About EY’s Strategic Growth Markets practice

EY’s Strategic Growth Markets (SGM) practice guides leading high-growth companies. Our multidisciplinary teams of elite professionals provide perspective and advice to help our clients accelerate market leadership. SGM delivers assurance, tax, transactions and advisory services to thousands of companies spanning all industries. EY is the undisputed leader in taking companies public, advising key government agencies on the issues impacting high-growth companies and convening the experts who shape the business climate. For more information, please visit us at ey.com/us/strategicgrowthmarkets, or follow news on Twitter @EY_Growth.

About EY

EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.

Media Contacts:
Black Duck
Brian Carter, Director of Strategic Communications
bcarter@blackducksoftware.com
508-277-7570

PAN Communications
Michael O’Connell/ Tiffany Darmetko
blackduck@pancomm.com
617-502-4300

Categories: Vendor

Application Security: 6 Myths of Open Source Management

Wed, 05/25/2016 - 15:00
Application Security: 6 Myths of Open Source Managementhleclair Wed, 05/25/2016 - 14:00 Resource Type Webinars Resource Content Move beyond the myths to understand the processes you can implement to reduce risk from security vulnerabilities. Resource Image Resource Link https://www.brighttalk.com/webcast/13983/202713?utm_source=Website&utm_medium=w… Resource Topic Security Exclude from resource page No
Categories: Vendor

Black Duck Releases Free Version of Hub Open Source Security Solution

Wed, 05/25/2016 - 13:54
Black Duck Releases Free Version of Hub Open Source Security Solutionhleclair Wed, 05/25/2016 - 12:54

Web-based Security Checker allows users to determine if known open source vulnerabilities are in the components used to build applications  

BURLINGTON, MA May 25, 2016Black Duck, the global leader in automated solutions for securing and managing open source software, today released Security Checker, a free, drag-and-drop tool for users to identify known open source security vulnerabilities in their code.

Based on Black Duck’s flagship Hub open source security solution, Security Checker scans the code contained in an uploaded archive file (e.g. .tar, .jar, .zip) or Docker image and provides a report showing the identified open source and related known security vulnerabilities. 

“Applications represent the greatest level of risk on the security-threat landscape and we expect that Security Checker scan results will provide an ‘aha moment’ for many open source users,” said Black Duck CEO Lou Shipley. “Their findings will focus attention on the need to regularly review application code to ensure it’s free of known open source vulnerabilities.” 

Open source use is ubiquitous worldwide because it reduces development costs, frees developers to work on higher-level tasks and accelerates time to market. It is the way applications are developed today. “Organizations definitely want to maximize all the benefits they get from open source, and as open source usage has increased, they’re realizing that it’s imperative to secure and manage their open source more effectively,” said Shipley.

The maximum file size for a Security Checker scan is 100MB and Shipley noted that “start to finish the process takes about 15 minutes. It’s a worthwhile investment of time to get valuable insights into the security of your open source code.”

Earlier this month Black Duck released a revealing report based on data from open source security audits of 200 commercial applications, conducted by its On-Demand business unit. The report confirms the widespread use of open source in application development and also highlights persistent challenges in securing and managing the open source in use.

Among the findings: 67 percent of the audited applications contained known open source security vulnerabilities; more than one third of the vulnerabilities identified were classified as “severe”; and 10 percent of the applications contained the Heartbleed vulnerability, which was discovered in April 2014.

Security Checker is available at: blackducksoftware.com/checker.

 

About Black Duck Software

Organizations worldwide use Black Duck Software’s industry-leading products to automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.

Media Contacts:

Black Duck
Brian Carter, Director of Strategic Communications
bcarter@blackducksoftware.com
508-277-7570

PAN Communications
Michael O’Connell/ Tiffany Darmetko
blackduck@pancomm.com
617-502-4300

 

 

Categories: Vendor

InfoSecurity Europe

Tue, 05/17/2016 - 12:49
InfoSecurity Europehleclair Tue, 05/17/2016 - 11:49 06/07/2016 06/09/2016 London, UK InfoSecurity Europe

Join Black Duck Software in Stand G160 at InfoSecurity Europe. Savinder Chauhan, Director of Sales Engineering at Black Duck will also be presenting, "How to Manage and Secure Your Use of Open Source: Challenges and How to Address Them" on 09 Jun 2016, from 10:40 - 11:05 in the Technology Showcase.

Infosecurity Europe is region's number one information security event featuring Europe's largest and most comprehensive conference programme, and over 315 exhibitors showcasing the most diverse range of products and services to 12,000 visitors.

Categories: Vendor

Empowering Application Security in DevOps

Thu, 05/12/2016 - 16:00
Empowering Application Security in DevOpshleclair Thu, 05/12/2016 - 15:00 Resource Type Webinars Resource Content How do organizations build secure applications, given today's rapidly moving and evolving DevOps practices? Resource Image Resource Link https://www.brighttalk.com/webcast/13983/201341?utm_source=Website&utm_medium=w… Resource Topic Security Exclude from resource page No
Categories: Vendor

Black Duck Forms Security Advisory Board, Adds Research and Data-Mining Group

Thu, 05/05/2016 - 13:36
Black Duck Forms Security Advisory Board, Adds Research and Data-Mining Grouphleclair Thu, 05/05/2016 - 12:36

Investments in security expertise and innovative research fuel continuous improvement of market-leading open source security and management solutions

BURLINGTON, MA - May 5, 2016Black Duck, the global leader in automated solutions for securing and managing open source software, today announced strategic initiatives to add security expertise and strengthen its research and innovation capabilities.

The company has created a five-member Security Advisory Board comprising experienced security executives, and has launched Black Duck Research, a Vancouver-based, applied-research group focused on data mining, machine learning, natural language processing, big data management and analytics, and software quality.

“Our highest priority is delivering open source security solutions that address the market’s biggest challenges. Doing that requires a deep understanding of our customers’ needs and the obstacles they face. It’s also essential that the solutions we bring to market are underpinned by state-of-the-art research,” said Black Duck CEO Lou Shipley.

“We’re very pleased that we’ve attracted Security Advisory Board members with impeccable security credentials. Their security knowledge and insights will be invaluable, and the addition of top-flight research talent will enable us to continue our leadership in providing the most comprehensive open source information,” he said.

Black Duck Chief Technology Officer Bill Ledingham said Baljeet Malhotra, Vice President of Research, will head the Vancouver group. Malhotra holds a Ph.D. in Computing Science with specialization in Data Management and joins Black Duck from SAP where he was Research Director, Internet of Things (IoT) Standards.

“Given the continuing rapid growth of open source use worldwide, we believe it is critical that we apply the latest in big-data and machine-learning technologies to do the most thorough job in tracking and managing open source. This will ensure that we have the best possible data-management solutions to help our customers and partners use open source software and services in the most secure, compliant and reliable way,” said Ledingham.

Black Duck Research comprises award-winning computer and data scientists, innovators and Ph.D. and Master’s students, who are advised by software industry veterans and faculty members from premier institutes/universities in the U.S. and Canada.

Black Duck’s Security Advisory Board members:

Selim Aissi Ph.D. is the Chief Security Officer at Ellie Mae (NYSE:ELLI), the mortgage-software platform that processes almost a quarter of U.S. mortgage applications. Previously, he was Vice President of Global Information Security at VISA and Chief Security Architect at Intel.

He has more than two decades of computer industry and security innovation experience, and has been named by IT Security magazine as one of the "Top 59 Most Influential Security Experts." Through his career, Dr. Aissi filed over 100 patent applications, most of which have been granted by the United States Patent and Trademark Office (USPTO), and co-authored the book "Security for Mobile Networks and Platforms."

Michael Coates is the Trust and Information Security Officer at Twitter (NYSE:TWTR), the online social networking service. He leads Twitter’s security program across all elements of information security. Coates is also the former chairman and a current member of the global board of directors for OWASP, the largest open source application security community.

Previously, he was the Director of Product Security at Shape, where he led initiatives to change the way organizations defend their applications against modern application attacks.

Edna Conway is the Chief Security Officer for Global Value Chain at Cisco (NASDAQ: CSCO). She develops and oversees the deployment of Cisco’s strategy to assess, monitor and continuously improve the security of its global value chain. Cisco's Value Chain Security Program spans its Engineering, Services, Supply Chain Operations and Worldwide Partner organizations. In addition, Ms. Conway drives Cisco’s cyber and security protection plan throughout its third-party ecosystem.

She serves or has served on the company’s Cyber-Security Board, Risk and Resiliency Operating Committee and Global Compliance Governance Committee. Ms. Conway was named Chief Security Officer of the Year by Info Security Products Guide at the 2016 RSA Conference and is a Connected World magazine 2016 “Woman of M2M.” 

Steve Hunt, head of Chicago-based Hunt Business Intelligence, is a cybersecurity and risk management executive whose expertise includes strategy and leadership to emerging technologies and engineering. He is an adviser to executives, investors and entrepreneurs. He advises CISOs and plays interim CISO roles.

A sought-after speaker, Hunt has delivered 75 keynote and special session presentations on Enterprise Security, Information Risk and Global Information Security Trends at business and security conferences around the world.  Previously he was Director of Neohapsis, a security consultancy acquired by Cisco and was VP for Security & Risk Management at Forrester.

Gary McGraw, Ph.D. is the Chief Technology Officer of Cigital, Inc., one of the world’s largest software security services and technology firms. He is a globally recognized authority on software security and the author of eight best-selling books on the topic. His dual Ph.D. is in Cognitive Science and Computer Science from Indiana University, where he serves on the Dean’s Advisory Council for the School of Informatics. He served on the IEEE Computer Society Board of Governors and produces the monthly Silver Bullet Security Podcast for IEEE Security & Privacy Magazine.

McGraw is editor of the Addison-Wesley Software Security series and has written more than 100 peer-reviewed scientific publications. He authors a monthly security column for SearchSecurity and Information Security Magazine, and is frequently quoted in the media.

About Black Duck Software

Organizations worldwide use Black Duck Software’s industry-leading products to automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.

Media Contacts:

Black Duck
Brian Carter, Director of Strategic Communications
bcarter@blackducksoftware.com
508-277-7570

PAN Communications
Michael O’Connell/ Tiffany Darmetko
blackduck@pancomm.com
617-502-4300

 

 

Categories: Vendor

PCI and Vulnerability Assessments - What’s Missing?

Wed, 05/04/2016 - 16:00
PCI and Vulnerability Assessments - What’s Missing?hleclair Wed, 05/04/2016 - 15:00 Resource Type Webinars Resource Content Vulnerability assessment tools overlook a large portion of an organization’s attack surface. View this webinar to discover how to guard your data. Resource Image Resource Link https://www.brighttalk.com/webcast/13983/199317 Resource Topic Security Exclude from resource page No
Categories: Vendor

EY Announces Black Duck CEO Lou Shipley is Named an EY Entrepreneur Of The Year® 2016 Semifinalist in New England

Wed, 05/04/2016 - 12:32
EY Announces Black Duck CEO Lou Shipley is Named an EY Entrepreneur Of The Year® 2016 Semifinalist in New Englandhleclair Wed, 05/04/2016 - 11:32

Boston, Mass., May 3, 2016 – EY today announced that Black Duck CEO Lou Shipley is a semifinalist for the EY Entrepreneur Of The Year® 2016 Award in the New England program. The awards program, which is celebrating its 30th year, recognizes entrepreneurs who demonstrate excellence and extraordinary success in such areas as innovation, financial performance and personal commitment to their businesses and communities. Shipley was selected as a semifinalist by a panel of independent judges.  Award winners will be announced at a special gala event on June 23, 2016, at the Boston Marriott Copley Place.

“Innovative, high-performing and personally committed are all words I’d use to describe my colleagues at Black Duck. Being singled out for those traits as a semifinalist for EY Entrepreneur Of The Year is personally rewarding, of course, and it is also a reflection of the excellence that characterizes Black Duck as a company,” said Shipley.

Black Duck’s industry-leading products automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. The company is based in Burlington, MA.

Now in its 30th year, the EY Entrepreneur Of The Year program has expanded to recognize business leaders in more than 145 cities in more than 60 countries throughout the world. 

Regional award winners are eligible for consideration for the EY Entrepreneur Of The Year National program. Award winners in several national categories, as well as the EY Entrepreneur Of The Year National Overall Award winner, will be announced at the EY Entrepreneur Of The Year National Awards gala in Palm Springs, California, on November 19, 2016. The awards are the culminating event of the EY Strategic Growth Forum®, the nation’s most prestigious gathering of high-growth, market-leading companies.

Sponsors

Founded and produced by EY, the Entrepreneur Of The Year Awards are nationally sponsored by SAP America, Merrill Corporation and the Ewing Marion Kauffman Foundation.

In New England, sponsors also include fama PR, Goodwin Procter, the Isenberg School of Management at the University of Massachusetts Amherst, Nixon Peabody, True, Chatham Financial, Empire Valuation, Morgan Lewis, and T3 Advisors.

About Black Duck Software

Organizations worldwide use Black Duck Software’s industry-leading products to automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.

About EY Entrepreneur Of The Year®

EY Entrepreneur Of The Year is the world’s most prestigious business award for entrepreneurs. The unique award makes a difference through the way it encourages entrepreneurial activity among those with potential and recognizes the contribution of people who inspire others with their vision, leadership and achievement. As the first and only truly global award of its kind, Entrepreneur Of The Year celebrates those who are building and leading successful, growing and dynamic businesses, recognizing them through regional, national and global awards programs in more than 145 cities in more than 60 countries.

About EY’s Strategic Growth Markets practice

EY’s Strategic Growth Markets (SGM) practice guides leading high-growth companies. Our multidisciplinary teams of elite professionals provide perspective and advice to help our clients accelerate market leadership. SGM delivers assurance, tax, transactions and advisory services to thousands of companies spanning all industries. EY is the undisputed leader in taking companies public, advising key government agencies on the issues impacting high-growth companies and convening the experts who shape the business climate. For more information, please visit us at ey.com/us/strategicgrowthmarkets, or follow news on Twitter @EY_Growth.

About EY

EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.

Media Contacts:
Black Duck
Brian Carter, Director of Strategic Communications
bcarter@blackducksoftware.com
508-277-7570

PAN Communications
Tiffany Darmetko
blackduck@pancomm.com
617-502-4300

Categories: Vendor

Future of Open Source Survey 2016 Results

Wed, 04/27/2016 - 19:00
Future of Open Source Survey 2016 Resultshleclair Wed, 04/27/2016 - 18:00 Resource Type Webinars Resource Content Today, open source drives technology and development forward. Resource Image Resource Link https://www.brighttalk.com/webcast/13983/199027 Resource Topic Security Compliance Open Source Development Exclude from resource page No
Categories: Vendor

Open Source Outlook: Expected Developments for 2016

Wed, 04/20/2016 - 16:30
Open Source Outlook: Expected Developments for 2016hleclair Wed, 04/20/2016 - 15:30 Resource Type Webinars Resource Content 2015 saw continued growth for open source software across many dimensions, a trend expected to continue in this coming year and a range of interesting developments that we reviewed in the last webinar.
In this webinar, the panelists will discuss:
- Open source and application security
- Community-centered compliance as reflected in OpenChain and SPDX
- The explosion of company involvement in collaborative projects
- The direction of the VMware case and other topics we anticipate being hot this year
Register now to join Black Duck, Mark Radcliffe and Karen Copenhaver on to discuss the hot topics generating buzz in the year to come. Resource Link https://www.brighttalk.com/webcast/13983/199723 Resource Topic Security Compliance Open Source Development Exclude from resource page Exclude from resource page
Categories: Vendor

Q1 2016 Open Source Security Report: Glibc and Beyond

Tue, 04/19/2016 - 16:30
Q1 2016 Open Source Security Report: Glibc and Beyondhleclair Tue, 04/19/2016 - 15:30 Resource Type Webinars Resource Content The first quarter of 2016 was a big one for new open source security vulnerabilities. The Glibc vulnerability was by far the biggest. It impacts nearly 900K of the 1 million different open source projects. In this webinar, we’ll dive into Glibc and the Q1 data to help you:
- Understand latest trends in open source security threats and what it means to your organization in 2016
- Simple steps to quickly find and protect yourself from newly reported threats
- Prepare your organization to respond to new vulnerabilities in open source projects Resource Link https://www.brighttalk.com/webcast/13983/199735 Resource Topic Security Exclude from resource page Exclude from resource page
Categories: Vendor

Black Duck Releases Latest Version of Hub Open Source Security Solution

Wed, 04/06/2016 - 14:37
Black Duck Releases Latest Version of Hub Open Source Security Solutionhleclair Wed, 04/06/2016 - 13:37

Includes increased code-scanning speed and new functionality to complement agile development

BURLINGTON, MA – April 6, 2016 – Black Duck, the global leader in automated solutions for securing and managing open source software, today released the latest version of Black Duck Hub, its flagship security solution, highlighting increases in code-scanning speed and new functionality that complements agile development processes.

Hub 3.0 streamlines Continuous Integration and DevOps processes through policy management and rapid-scanning capabilities that provide complete visibility into the open source code in both applications and containers. This accelerates development through early and continuous detection of known open source vulnerabilities and out-of-policy code.

“Agile development addresses customers’ constant demand for faster delivery of new functionality and features. Agility increases when dev teams can flag vulnerabilities and offending code early on. If vulnerabilities don’t surface until later in the dev cycle, time is lost and cost of remediation increases significantly. Agility takes a big hit,” said Black Duck CEO N. Louis Shipley.

“Open source is how today’s applications are built. With open source often comprising the majority of an application’s code, policy management along with fast, comprehensive identification of all open source code, and mapping of all known vulnerabilities are crucial,” said Shipley.

Hub’s automatic scanning and identification are up to 100 times faster than prior versions.  Additionally, Hub does full signature scans, finding all open source and known vulnerabilities, even if they aren’t declared in package manifests.

New Hub policy management capabilities allow creation of exception-based polices to identify open source components that do not meet defined security, license or operational risk. Policy conditions include: license type, component name or usage, number of newer versions available and project characteristics (tier, phase, distribution model). Policies can be overridden by occurrence.

Hub supports open source component and source identification down to the Linux distribution level. Current distributions supported include: Red Hat Enterprise Linux (RHEL), Fedora, Alpine and Debian.

 

About Black Duck Software

Organizations worldwide use Black Duck Software’s industry-leading products to secure and manage open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visit www.blackducksoftware.com.

Media Contacts:

Black Duck

Brian Carter, Director of Strategic Communications

bcarter@blackducksoftware.com

508-277-7570

 

PAN Communications

Michael O’Connell

blackduck@pancomm.com

617-502-4300

Categories: Vendor

Linux Foundation

Fri, 04/01/2016 - 15:05
Linux Foundationblackduck Fri, 04/01/2016 - 14:05

The Linux Foundation is the non-profit consortium dedicated to fostering the growth of Linux. Founded in 2007, the Linux Foundation sponsors the work of Linux creator Linus Torvalds and is supported by leading Linux and open source companies and developers from around the world.

Black Duck sponsors and speaks at Linux Foundation events and is one of the major supporters of the foundation’s Software Package Data Exchange® (or SPDX®) initiative.

http://www.linuxfoundation.org/
Categories: Vendor

SourceForge

Fri, 04/01/2016 - 15:04
SourceForgeblackduck Fri, 04/01/2016 - 14:04

SourceForge.net is the world's largest open source software development website. They provide free services that help people build cool stuff and share it with a global audience.

http://sourceforge.net/
Categories: Vendor