Resources


Reports & Analysis

eBook: Four Levels of Open Source Risk Management

Measure your organization against the four levels of risk maturity, a model to evaluate the vulnerability and licensing risks you may be exposed to in your use of open source.

Learn More
Webinars

Risk-Ranking Open Source Vulnerabilities

Three certainties in 2017: organizations worldwide will continue to increase their use of open source software; new open source security vulnerabilities will be discovered; exploits of open source vulnerabilities will occur.

Learn More
Webinars

Create a Unified View of Your Application Security Program

Effective application security programs rely on multiple sources for vulnerability data – from traditional static and dynamic testing, interactive testing, to manual and 3rd-party testing. Unfortunately, many organizations fail to consider the impact of open source software use and reuse on their security posture. This webinar will demonstrate how Black Duck Hub can identify security issues associated with open source usage and how ThreadFix’s correlation engine can provide a comprehensive view of an organization’s application security posture. In addition, the webinar demonstrates how ThreadFix’s HotSpot detection technology identifies security issues created by internally developed components – providing a complete of both open source and proprietary component usage.

Learn More
Webinars

AppSec in 2017 – A Look into the Future

The shift to DevOps has driven the need for new technologies and different levels of integration across the development ecosystem.

Learn More
Infographics

Four Levels of Open Source Risk Management

Measure your organization's maturity against the four levels of open source risk

Learn More
Webinars

Got Open Source Questions? Get Practical, Actionable Advice from the Experts.

Despite open source software's long history - Linux just turned 25 - legal and risk questions about open source use still abound.

Learn More