Open Source and Software Supply Chain Risks
Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug
Richi Jennings | Buffer Overflow, buffer overflow attack, Buffer Overflow Vulnerabilities, buffer overflows, Chrome, Chromium, edge, Electron, Exploitable Vulnerabilities, Firefox, google, Heap Overflow, libwebp, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, opera, SB Blogwatch, secure software supply chain, slack, software supply chain, software supply chain hygiene, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks, thunderbird, WebP
WebP FAIL. Critical vuln in libwebp: Go get updates to Chrome, Firefox, Edge, Slack and more ...
Security Boulevard
Black Duck audits reporting update: Streamlined view of risks and remediation steps
Emmanuel Tournier | M&A and OSS license compliance, Mergers and acquisitions due diligence, Open Source and Software Supply Chain Risks, Open source license compliance
New Synopsys Black Duck® engagement summary report summarizes a breadth of insights across all domains of software due diligence. Introducing the new engagement summary report Synopsys is offering a new Black Duck® ...
The parallels of AI and open source in software development
Phil Odence | M&A and OSS license compliance, Mergers and acquisitions due diligence, Open Source and Software Supply Chain Risks, Open source license compliance
Parallels between the history of open source and the rise of AI in software development can teach us valuable AppSec lessons ...
The rise of AI in software development
Phil Odence | M&A and OSS license compliance, Mergers and acquisitions due diligence, Open Source and Software Supply Chain Risks, Open source license compliance
Generative artificial intelligence tools are changing the world and the software development landscape significantly. Our webinar series will help you understand how ...
Why nontechnical organizations need due diligence
Don Mulrenan | M&A and OSS license compliance, Mergers and acquisitions due diligence, Open Source and Software Supply Chain Risks, Open source license compliance
Software impacts tech and nontech businesses alike, which is why a strategic acquirer or PE firm always needs due diligence. ...
Defending against malicious packages in the npm ecosystem and beyond
Fred Bals | Managing security risks, Open Source and Software Supply Chain Risks, Software Composition Analysis
Learn how to shield your organization from the danger of malicious packages in the npm ecosystem and beyond. ...
2023 OSSRA deep dive: High-risk vulnerabilities
Fred Bals | Open Source and Software Supply Chain Risks, Open source license compliance, Software compliance quality and standards
The 2023 OSSRA report indicates that organizations are failing to patch high-risk vulnerabilities; our vulnerability deep-dive shows how to evaluate your own risk. ...
FDA: SBOMs requirement for connected medical devices
Julie Courtnay | M&A and OSS license compliance, Mergers and acquisitions due diligence, Open Source and Software Supply Chain Risks, Open source license compliance
With FDA requirements mandating a cybersecurity bill of materials (CBOM) for medical devices, consider partnering with a trusted SBOM solution provider ...
Software quality: Gauging strengths and weaknesses
Chris Boyd | M&A and OSS license compliance, Mergers and acquisitions due diligence, Open Source and Software Supply Chain Risks, Open source license compliance
When it comes to the quality of your software, it’s imperative to understand your strengths and weaknesses before your buyer does. ...
Connecting the dots: Development + business risk + due diligence
Phil Odence | M&A and OSS license compliance, Mergers and acquisitions due diligence, Open Source and Software Supply Chain Risks, Open source license compliance
Organizations should emphasize processes that connect the dots between software development practices, business risk and due diligence activities ...