Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Open Source


Black Duck's New Year's Resolution

The new Black Duck SCA release offers enhancements to help organizations to better understand the potential risks in their software supply chain. Black Duck® software composition analysis (SCA) started the new year off strong and got a running start on its resolution to better help teams secure their software supply chain at the speed of modern software development. Let’s look at some of the highlights of the 2023.1.0 release.


Top Open Source Licenses Explained

With an understanding of what open source licenses are and their benefits, it’s also useful to know what are the main categories of these licenses, the different types, and their requirements. It’s quite an array, which can be overwhelming, but with this knowledge, you can make more informed choices about what software and what licenses are right for your purposes.


Where is Your Risk? Vulnerabilities in Open Source Software

The first post of this series on the software-related risks organizations are facing looked at vulnerabilities introduced in development. In this post we look at the risks of open source vulnerabilities. Organizations are increasingly dependent on third-party software, including open source code, but current tools provide limited visibility and require a lot of manual work.


6 Reasons You Need to Run SCA Scans on Projects in VS Code

We love open-source software (OSS). Not only does it save time and effort, but it’s also incredibly rewarding to collaborate with other developers on major projects. Plus, it opens the door for innovation that otherwise wouldn’t be possible at this scale. However, with code comes responsibility, and so it’s imperative to understand the risk OSS libraries carry when we’re integrating them into projects.


CNCF accepts Kubescape as its first security and compliance scanner project

Kubescape, an end-to-end open-source Kubernetes security platform, embarks on a new journey. Kubescape, created by ARMO, will fully migrate to the CNCF. This coincides with the launch of ARMO Platform, a hosted, managed security solution powered by Kubescape.


How we differentiate ARMO Platform from Open Source Kubescape

In August 2021 we launched Kubescape with a mission to make Kubernetes security open source, simple, and available for everyone, even non-security engineers. Since then we have been working on adding new capabilities to Kubescape, while building a strong community around it. The recent acceptance of Kubescape by the CNCF, as a sandbox project, is another important milestone for ARMO’s open-source journey with Kubescape.


8 Best Secure Photo Apps in 2023

It would be maddening if someone looked over your private files on your phone. Imagine someone scrolls through your phone gallery without your permission and steals your secret files. How irritating that would be! Moreover, you never know what will happen if your photos get exposed. Someone could spread your private pictures on social media and use them for evil intentions that can lead to serious embarrassment or, in the worst scenario, severe crimes.


OSPO security evolution: The Kübler-Ross Model of open source

What’s in an OSPO? Open Source Program Offices are popping up all over, in recognition of the facts on the ground: open source software (and I would argue open standards as well) plays an enormous role in building and maintaining the software that increasingly drives the planet.