GrammaTech has announced a new software composition analysis (SCA) product, CodeSentry, that is designed to detect vulnerabilities in application components including binaries, and create a detailed software bill of materials. According to the company, it identifies blind spots and allows security professionals to measure and manage risk quickly throughout the SDLC. With the bill of …
The short answer is never. There, I just saved you enough time that you can go and do the right thing and run SAST and DAST and work on hardening your code, instead of trying to test security into your application. Look, every time a new technology, process, or technique comes along there are some …
WhiteSource has announced the launch of its software composition analysis tool, Effective Usage Analysis. The solution provides details on how software components are being used and highlights their impact on the application’s security. According to WhiteSource, the tool will reduce open-source vulnerability alerts by 70 percent. “Our Effective Usage Analysis technology allows security and …
Synopsys and Black Duck Software have signed an agreement that will allow Synopsys to acquire Black Duck for approximately $565 million. Black Duck is known for its open source security and license management solutions. The acquisition is expected to close in December of this year. The transaction will be subject to Hart Scott Rodino regulatory …