Black Duck Software Senior Director of Open Source Strategy Bill Weinberg to Speak at RVAsec Conference

Weinberg to address mitigating open source security risks through development, integration, distribution, and deployment

Burlington, MA, June 2, 2015 – Black Duck Software, the leading OSS Logistics solutions provider enabling the secure management of open source code, today announced that Bill Weinberg, the company’s Senior Director of Open Source Strategy, will present on mitigating open source security risks at the RVAsec Conference to be held in Richmond, VA, on June 4 and 5, 2015.

Weinberg, a technology industry veteran with more than 30 years of experience in open systems and enterprise software, will host the session “OSS Hygiene – Mitigating Security Risks from Development, Integration, Distribution and Deployment of Open Source Software.” His presentation will explore the requirements for secure development and deployment with open source software. Specifically, he will:

  • Highlight open source software adoption trends across IT, especially as those trends impact system and application security.
  • Review recent vulnerabilities in key open source components, and examine community and industry response.
  • Examine the open source security paradigm and challenges to it, including provenance, community expertise and oversight of vulnerabilities, and version proliferation and deprecation.
  • Present best practices in open source software management to promote application security.
  • Introduce the concept of “OSS Hygiene,” the cross integration of open source software (OSS) portfolio management and vulnerability databases as a means to reduce attack surfaces in applications integrating open source software components.

As a core part of the Black Duck team, Weinberg works with Black Duck’s Fortune 1000 customers to help them create sound approaches to enabling, building, and deploying software for intelligent devices, enterprise data centers, and cloud infrastructure. Prior to Black Duck, he was a founding team member at MontaVista Software, where he pioneered Linux as a leading platform for intelligent and mobile devices. He is a prolific author and speaker on topics spanning global open source software adoption to real-time computing, IoT, legacy migration, licensing, standardization, telecoms infrastructure, and mobile applications. (Learn more at

RVAsec is organized by security expert Chris Sullo, the author of the Nikto web scanner and co-founder, CFO, and treasurer of the Open Security Foundation, and Jake Kouns, co-founder and president of the Open Security Foundation and CISO of Risk Based Security. The event is aimed at security professionals from across the U.S. and highlights local Virginia talent, with a mix of technical and management presentations.

About Black Duck Software

Black Duck Software is the leading OSS Logistics solution provider, enabling enterprises of every size to securely manage open source code in the development of internal and external applications, and across the software supply chain. Black Duck solutions allow customers to optimize the opportunities that come with open source adoption and management. As part of the greater open source community, Black Duck connects developers to comprehensive open source software (OSS) resources through The Black Duck Open Hub (formerly Ohloh) and to the latest commentary from industry experts through the Open Source Delivers blog. Black Duck is headquartered in Boston and has offices in San Mateo, London, Paris, Frankfurt, Hong Kong, Tokyo, Seoul, and Beijing. For more information about how to leverage open source to deliver faster innovation, greater creativity, and improved efficiency, visit and follow the company at @black_duck_sw.