I’m excited to share that Snyk has joined the Linux Foundation’s expanded support of the Open Source Security Foundation (OpenSSF) as a premier member alongside Microsoft, Google, Cisco, Facebook, Intel, VMware, Red Hat, Oracle, and others. As Snyk’s mission is to enable developers to develop fast while staying secure, we believe that this cross-industry collaboration is critical to the future of software development and improving the security of open source.

Securing investors is always a challenge for startups. But for open-source companies, it’s even harder. Open-source companies need the right investors to innovate and enter new markets. But when you deal with a specific subset like open source, it can be difficult to find VCs with the required experience and knowledge. Those of us in the open-source community know it’s not just about the money — it’s also about continuing to grow the community.

Open source intelligence (OSINT) is the process of identifying, harvesting, processing, analyzing, and reporting data obtained from publicly available sources for intelligence purposes. Open source intelligence analysts use specialized methods to explore the diverse landscape of open source intelligence and pinpoint any data that meets their objectives. OSINT analysts regularly discover information that is not broadly known to be accessible to the public.

In an effort to secure the software supply chain, Black Duck SBOM export capabilities now comply with the NIST standards in Executive Order 14028.

The speed at which security operations are processed and data is consumed is moving at a dazzling pace. This is why flexibility, customizability, and user-friendliness are deemed as core pillars of next-gen security solutions. And it is exactly what Cloud SOAR’s Open Integration Framework is all about.

Banking has changed. In the past, financial institutions outsourced their technology. They had large consulting firms creating, managing, and maintaining their back-end systems. Although banks would have knowledge of the systems in place, they wouldn’t be running them on a day-to-day basis. That was the consultants’ responsibility. Recent years have seen a significant shift in the financial sector.

In this episode of AppSec Decoded, we discuss the major open source trends identified within the 2021 OSSRA report. The explosive growth of open source is not new. Developers have been using this collaborative method of building software applications to meet the market demands for quality and speed for many years. Synopsys has conducted research on trends in open source usage with commercial applications since 2015.

Black Duck provides a comprehensive SCA solution for managing security, quality, and license compliance risks associated with open source use. Given today’s development trends, your organization is undoubtedly leaning heavily on open source in any number of ways. According to Synopsys’ annual Open Source Security and Risk Analysis (OSSRA) report.

API security is one of the most important aspects of cybersecurity. The rise of new technologies like microservices, cloud-native applications, IoT devices, single-page applications, serverless, and mobile has led to increased use of APIs. Any internal application elements are now APIs connecting with one other through a network. A game API lets your applications and web services communicate with one another and share information such as rules, settings, specs, and data.

Our latest State of Software Security: Open Source Edition report just dropped, and developers will want to take note of the findings. After studying 13 million scans of over 86,000 repositories, the report sheds light on the state of security around open source libraries – and what you can do to improve it. The key takeaway? Open source libraries are a part of pretty much all software today, enabling developers to work faster and smarter, but they’re not static.