Sorry, not available in this language yet

English
日本語

From this Author

May 16, 2024/3 min read

The changing face of software supply chain security risk

By Fred Bals

Tags: SCA, Secure the Software Supply Chain

Apr 08, 2024/5 min read

What is the Xz Utils Backdoor : Everything you need to know about the supply chain attack

By Fred Bals

Tags: Secure the Software Supply Chain

Apr 01, 2024/8 min read

Top open source licenses and legal risk for developers

By Fred Bals

Tags: SCA, OSS License Compliance

Mar 19, 2024/4 min read

2024 OSSRA report: Open source license compliance remains problematic

By Fred Bals

Tags: Artificial Intelligence, Manage Security Risks, OSS License Compliance

Mar 17, 2024/5 min read

What is a software bill of materials?

By Fred Bals

Tags: SCA, Secure the Software Supply Chain

Mar 16, 2024/3 min read

CVE-2017-5638: The Apache Struts vulnerability explained

By Fred Bals

Tags: Security News & Trends, Secure the Software Supply Chain

Mar 06, 2024/4 min read

2024 OSSRA Report: Outdated code risk in open source components

By Fred Bals

Tags: Security News & Trends, Secure the Software Supply Chain, Manage Security Risks

Feb 27, 2024/4 min read

2024 Open Source Security and Risk Analysis Report

By Fred Bals

Tags: SCA, Security News & Trends, Secure the Software Supply Chain

Jan 04, 2024/2 min read

DevSecOps practices to maintain developer velocity

By Fred Bals

Tags: DevSecOps, Manage Security Risks

Dec 04, 2023/3 min read

Shifting everywhere: The importance of continuous testing in the software development life cycle

By Fred Bals

Tags: DevSecOps

Nov 14, 2023/3 min read

Software Vulnerability Snapshot Report Findings

By Fred Bals

Tags: DAST, Security News & Trends, Pen Testing, Web AppSec

Oct 18, 2023/2 min read

DevSecOps Report: ASPM and its impact on software security

By Fred Bals

Tags: Security News & Trends, DevSecOps

Oct 10, 2023/2 min read

Deep Dive: 2023 Global State of DevSecOps Report

By Fred Bals

Tags: Security News & Trends, DevSecOps

Jun 30, 2023/2 min read

Defending against malicious packages in the npm ecosystem and beyond

By Fred Bals

Tags: SCA, Manage Security Risks

Jun 26, 2023/7 min read

2023 OSSRA deep dive: High-risk vulnerabilities

By Fred Bals

Tags: Manage Security Risks, OSS License Compliance

May 10, 2023/4 min read

2023 OSSRA deep dive: jQuery and open source security

By Fred Bals

Tags: SCA, Secure the Software Supply Chain, OSS License Compliance

Mar 26, 2023/2 min read

Synopsys Global Partner Program Receives CRN® 5-Star Rating for Second Consecutive Year

By Fred Bals

Tags: Security News & Trends

Dec 07, 2020/4 min read

6 Findings from DevSecOps Practices' Survey

By Fred Bals

Tags: AppSec Best Practices, DevSecOps, Manage Security Risks

Sep 29, 2020/3 min read

Making SCA part of your AST Strategy

By Fred Bals

Tags: SCA, Security News & Trends, Secure the Software Supply Chain

Sep 10, 2020/4 min read

TANSTAAFL! The tragedy of the commons meets open source software

By Fred Bals

Tags: Manage Security Risks

Jun 01, 2020/3 min read

Why developers need a supplemental source to NVD vulnerability data

By Fred Bals

Tags: SCA, Build Security into DevOps

Feb 18, 2020/5 min read

There’s no such thing as TMI when it comes to open source software

By Fred Bals

Tags: SCA, Security News & Trends

Jan 22, 2020/5 min read

Coverity & Black Duck together. Better. Faster. Stronger.

By Fred Bals

Tags: SCA, Build Security into DevOps, SAST

Nov 12, 2019/3 min read

Blue Yonder: Extending their SDLC to remediate open source issues

By Fred Bals

Tags: SCA

Feb 10, 2019/2 min read

3 takeaways from “Managing the Business Risks of Open Source” webinar

By Fred Bals

Tags: SCA, Security News & Trends, Manage Security Risks, OSS License Compliance

Oct 09, 2018/2 min read

Why you need to perform open source due diligence in an M&A transaction

By Fred Bals

Tags: M&A, OSS License Compliance

Sep 30, 2018/3 min read

CVE-2018-11776 and why you need Black Duck Security Advisories

By Fred Bals

Tags: SCA, Security News & Trends

Aug 27, 2018/2 min read

CVE-2018-11776: The latest Apache Struts vulnerability

By Fred Bals

Tags: SCA, Security News & Trends, CyRC

Aug 14, 2018/2 min read

The AppSec alphabet soup: A guide to SAST, IAST, DAST, and RASP

By Fred Bals

Tags: IAST, Web AppSec, SAST, Manage Security Risks

Jan 23, 2018/2 min read

When software is the company, tech due diligence is critical

By Fred Bals

Tags: M&A, SCA, OSS License Compliance

Sep 14, 2017/3 min read

Equifax, Apache Struts, and CVE-2017-5638 vulnerability

By Fred Bals

Tags: Security News & Trends, Secure the Software Supply Chain, Manage Security Risks

Apr 04, 2017/3 min read

Cloudera IPO: Risk for cyber attacks, lawsuits, and loss of IP?

By Fred Bals

Tags: M&A, Manage Security Risks, OSS License Compliance

Fred Bals

Fred is a senior technical writer at Black Duck. He is a Mini Cooper fanboy and has worked for both Google and Bob Dylan at various points in his career.