AppSec Decoded: An introduction to the Black Duck Cybersecurity Research Center

Black Duck Editorial Staff

Aug 10, 2022 / 1 min read

One of the newer teams within Black Duck is the Cybersecurity Research Center (CyRC), established in 2019.

And one of the major players on that team is Jonathan Knudsen, head of global research at CyRC.

In this episode of AppSec Decoded, recorded live at RSA 2022 in San Francisco, Knudsen talks with Taylor Armerding, security advocate at Black Duck, about CyRC’s major annual reports, including the “Open Source Software and Risk Analysis” (OSSRA) report, which uses anonymized data from M&A audits to develop a profile of how much open source is in the software ecosystem, how organizations are using it, and whether they’re keeping it up to date.

CyRC researchers also contribute to the quality of open source by providing a coordinated, responsible disclosure process when Black Duck researchers discover undisclosed defects in the software of other organizations.

As Knudsen puts it, it’s a win, win, win—it helps improve the quality of open source, and it’s a win for both the company and the researcher who discovered it.

Learn more about the CyRC research in the latest OSSRA report

                                     
