MI-X | Am I Exploitable
Take a deep dive into Rezilion's open source tool, MI-X or Am I Exploitable. Learn what the tool is, what makes it unique, and watch a demo that shows the tool detecting Log4Shell.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
Open Source
Introducing IaC Security from Black Duck
Black Duck’s newest release delivers all-new, lightning-fast infrastructure-as-code (IaC) scanning capabilities. The news is just in, and it’s big: Black Duck now offers IaC scanning functionality. With no additional licenses required, this capability is available immediately for all existing Black Duck customers. Let’s dig into exactly what this means for you, how it helps your existing security efforts, and what you can expect in the months to come.
Addressing cybersecurity challenges in open source software with the Linux Foundation
Snyk recently partnered with the Linux Foundation to produce a report focusing on the state of security in the open source software (OSS) space. The report was based on 550+ survey responses and 15 interviews with OSS maintenance and cybersecurity experts. Following the report’s publication, experts from Snyk held a webinar with the Linux Foundation to discuss some of the key insights.
Be enterprise-ready: Three reasons not to build enterprise features!
If you are thinking about building features to be enterprise-ready, there are typically two paths that brought you here: Either way, you need to be aware that selling to enterprises is super exciting, especially if you like to play golf and you are ok with a long sales cycle - it could easily take you up to three years to close a deal. Enterprises can be scared to give startups a chance and startups often lose out to more established businesses.
Top open source licenses and legal risk for developers
Learn about the top open source licenses used by developers, including the 20 most popular open source licenses, and their legal risk categories. If you’re a software developer, you probably use open source components and libraries to build software. You know those components are governed by different open source licenses, but do you know all the license details? In particular, do you know the sometimes-convoluted licensing conditions that could pose compliance challenges?
The M&A Open Source Risk Number
Find out what our audit services team unearthed in the 2,400+ codebases we reviewed in 2021. Spoiler alert: In 2021, audits found open source in 100% of our customer engagements. Regular readers know that Synopsys recently published the seventh edition of the “Open Source Security and Risk Assessment” (OSSRA) report. We think it provides the best information available about usage of open source in the wild, and the frequency of open source risks.
AppSec Decoded: Get the most out of your open source software | Synopsys
Watch our latest edition of AppSec Decoded as Tim Mackey, principal security strategist at Synopsys Cybersecurity Research Center, and Taylor Armerding, security advocate at Synopsys Software Integrity Group, discuss the value of Black Duck® by Synopsys audit services in the M&A world, and ways to reap the benefits of your open source software without falling victim to the risks.
Snyk Live : Legal Side of Open Source Use with Yos Pang
Open source use has spread rapidly throughout the world. With many governments, businesses and consumers utilising open source libraries and platforms on a daily basis. As the adoption of open source has increased there are many legal aspects to consider including licensing, compliance and more. This special episode of Snyk Live we are joined by Snyk Head of APJ Legal, Yos Pang. Yos is an international, commercial technology lawyer, with a strong background in intellectual property and a particular interest in open source and open content issues.
New Research from Snyk and The Linux Foundation Reveals Significant Security Concerns Resulting from Open Source Software Ubiquity
The State of Open Source Security Highlights Many Organizations Lacking Strategies to Address Application Vulnerabilities Arising from Code Reuse.
Announcing the 2022 State of Open Source Security report from Snyk and the Linux Foundation
Open source software is a key component in modern applications. It has created a new era in software development, promoting a free exchange of ideas within the developer community and enabling developers to build more functional software, faster than ever. Based on most estimates, 70-90% of any piece of modern software includes open source code.