While one might anticipate that the more complex an application is, the more likely it is to have security vulnerabilities, a recent analysis from Black Duck found the opposite to be true. Its 2024 Software Vulnerability Snapshot report analyzed data from 200,000 dynamic application security testing scans for 1,300 applications across 19 different industry sectors. … continue reading
BURLINGTON, Mass., Oct. 1, 2024 — The former Synopsys Software Integrity Group announced today that it has rebranded as Black Duck Software, Inc. (“Black Duck”), a newly independent application security company. The company’s new brand is inspired by its flagship software supply chain solution, Black Duck software composition analysis (SCA), which has helped thousands of organizations … continue reading
Synopsys is continuing on with Black Duck’s tradition of naming Open Source Rookies of the Year. The decade-long tradition was established by Black Duck and designed to recognized the latest and greatest open-source projects. Synopsys announced it had acquired Black Duck Software in December of last year. The Open Source Rookies represent the top open … continue reading
Synopsys officially announced the acquisition of Black Duck Software this week. The companies first entered into an agreement that would enable Synopsys to acquire Black Duck early last month. According to Synopsys, the acquisition of Black Duck will help provide its customers with visibility into open source software. Black Duck provides automated solutions that detect … continue reading
Black Duck announced the release of its OpsSight automatic open source vulnerability detection solution for containers at its Flight 2017 conference in Boston today. According to the company’s CEO Lou Shipley, OpsSight is Black Duck’s first product that targets the production phase of the software lifecycle. “Container technology is revolutionizing the way organizations package, deploy, … continue reading
Google is teaming up with top technology providers on a new way for auditing and governing the modern software supply chain. Grafeas, which means “scribe” in Greek, is an open-source initiative for tracking and enforcing policies across software teams and pipelines. It was developed in collaboration with Google, JFrog, Red Hat, IBM, Black Duck, Twistlock, … continue reading
The amount of package managers and CI tools has grown over the years, and as a result, there is an additional need for DevOps automation. With Black Duck’s new release of Hub Detect, the company wants to simplify and streamline open source management for DevSecOps, and simplify integration into a DevOps toolchain. Hub Detect ensures the … continue reading
Red Hat’s annual open-source technology event, Red Hat Summit, is coming to a close today. The event showcases the latest innovations in cloud computing, platform, virtualization, middleware, storage and systems management technologies. In addition to the company’s numerous announcements, open-source solution providers and businesses gathered together to release their latest solutions and showcase platform features. … continue reading
Black Duck, a company that serves up information about the latest security vulnerabilities on open source components, released its 2017 Open Source Security and Risk Analysis (OSSRA) today. The OSSRA revealed significant risks related to open-source vulnerabilities and license-compliance challenges, as well as high levels of risk in the retail and ecommerce industry. According to … continue reading
Now that Visual Studio 2017 is officially generally available, companies are making sure they add to support to their existing solutions. JNBridge announced the release of JNBridgePro 8.1 to ensure compatibility with VS2017. JNBridge Pro connects any Java and .NET framework-based components so they work together, and delivers full access to .NET classes from Java … continue reading
Every year new open-source software projects emerge, but only a few will have an impact on the developer community. To distinguish the interesting and innovative ones, Black Duck has announced its ninth annual Open Source Rookies of the Year list, designed to recognize last year’s top new open-source projects. “This recognition is a tribute … continue reading
Black Duck announced today that it has created the Center for Open Source Research & Innovation (COSRI) as a way to give companies and researchers more information on the open-source ecosystem. Open-source components now comprise more than 50% of the average application, according to Black Duck’s director of strategic communications Brian Carter. The company found … continue reading
