Featured New Posts

Open Source Delivers

What’s in Your Code? Reviewing On-Demand Audit Data

Today we released an internal research project based on data from the Open Source Security Audits we perform in our on-demand audit business. We anonymized, then analyzed the results from the review […]






Kontena – Developing a Friendly Container Platform

Black Duck Rookies Winner Kontena Project Container Management

This is the eighth year we’ve run the Black Duck Open Source Rookies of the Year awards. Each year we review the world of open source and recognize top new projects launched during the […]






Podcast: Can You Build Secure Software with Open Source?

ContraRisk Podcast on Open Source Security with Patrick Carey

Absolutely, if you take a proactive approach to managing open source risks. When “brand name” vulnerabilities like Heartbleed, DROWN, or the recent Google reporting of vulnerabilities in the GNU C […]






Hub Now Integrates with Atlassian’s Continuous Integration System Bamboo

Black Duck's Atlassian Bamboo Plugin

Last week, Black Duck released its first open source integration project for Atlassian Bamboo with 0.1.0 developed from the ground up. Bamboo is a popular system for continuous integration & […]






GENIVI Remote Vehicle Interaction (RVI) Initiative Makes Connected Cars More Open and Secure

A modern car is estimated to include 100 million lines of source code. This is almost four times the amount of software in the F-35 fighter jet, and 20 times […]






Anticipating Due Diligence and Sleeping Well

Anticipating Due Diligence in M&A and Sleeping Well

About a year ago Forbes published a very comprehensive, nicely organized checklist of Business/Legal items that typically come up in M&A due diligence. A few things struck me about […]






Spotlight on Black Duck Customer ScienceLogic

Spotlight on ScienceLogic: Black Duck Software Customer

One of the favorite parts of my job is the opportunity to speak to Black Duck customers and partners about how they’re using Black Duck solutions for security and license […]






What to Expect in 2016: Legal & Security in Open Source

What to Expect in 2016: Legal & Security Developments

Many changes are happening every day in open source, and we as an industry are constantly wondering what to expect next. We have a very interesting webinar coming up next week, […]






The Panama Papers: A Data Security Disaster

The Panama Papers - Worldwide Data Security Breach

Originally posted on Help Net Security. The “Panama Papers” security breach is a juicy, made-for-the-Internet scandal. It has all the elements – secret off-shore accounts; involvement by international politicians, criminals, […]






The “Panama Papers” Debacle: Poster Child for Security Diligence

I’d never heard of the law firm Mossack Fonseca before this week, though admittedly I’m not in their target demographic from a wealth standpoint. They are in the news now […]




