Hi [[ session.user.profile.firstName ]]

Black Duck Software

  • Date
  • Rating
  • Views
  • Reducing Open Source Risk and Remediation Costs Early in the SDLC Reducing Open Source Risk and Remediation Costs Early in the SDLC Pat Durante, Senior Director Education Services; John Beaudoin, Senior Instructional Designer Recorded: Feb 22 2017 74 mins
    Increasingly, organizations worldwide are implementing open source security and license risk assessment capabilities early in the software development lifecycle when the cost to remediate issues is lowest. This webinar will demonstrate Black Duck Hub’s effectiveness in providing comprehensive risk assessments when used in combination with our Eclipse IDE plugin, Build Tool, and CI Tool integrations. Additionally, we'll review valuable new features in Black Duck Hub 3.5.
    You’ll also learn:
    - How to improve the accuracy of your open source inventory by leverage open source dependency discovery techniques for build tools and package managers
    - Options for incorporating Hub scanning into your Continuous Integration environments
    - How to track remediation tasks using the Hub-Jira integration
    - How to streamline your component review process
    - Use cases for scanning binary repositories such as Artifactory
  • The 2016 Open Source Year in Review The 2016 Open Source Year in Review Karen Copenhaver, Partner, Choate Hall & Stewart/Counsel, Linux Foundation; Mark Radcliffe Partner, DLA Piper/Counsel OSI Recorded: Feb 1 2017 61 mins
    This annual review will highlight the most significant legal developments related to open source software in 2016, including:
    - Current litigation
    - An open source security update
    - Companies open sourcing their own code
    - FCC banning open source in routers
    Gain insights into these important legal developments from two of the leading open source legal experts, Karen Copenhaver, Partner at Choate Hall & Stewart and Counsel for the Linux Foundation, and Mark Radcliffe, Partner at DLA Piper and General Counsel for the Open Source Initiative.
  • Risk-Ranking Open Source Vulnerabilities Risk-Ranking Open Source Vulnerabilities Mike Pittenger, VP Security Strategy, Black Duck Recorded: Jan 19 2017 43 mins
    Increase security effectiveness and maintain dev agility

    Three certainties in 2017: organizations worldwide will continue to increase their use of open source software; new open source security vulnerabilities will be discovered; exploits of open source vulnerabilities will occur.

    With dev teams under constant pressure to accelerate application delivery and with security resources often scarce, organizations need more effective ways to determine which open source vulnerabilities to fix first and the options available to reduce risk during remediation.

    Join Black Duck VP of Security Strategy Mike Pittenger as he discusses strategies and emerging best practices for risk-ranking open source vulnerabilities. He will cover:
    - the most important considerations in prioritizing open source security issues
    - ways to determine the risk associated with a discovered open source vulnerability
    - options for dealing with open source security vulnerabilities beyond simply replacing the component
  • AppSec in 2017 – A Look into the Future AppSec in 2017 – A Look into the Future Poonam Yadav, Product Manager, HPE Security Fortify; Mike Pittenger, VP of Security Strategy, Black Duck Recorded: Dec 13 2016 59 mins
    Application security broke new ground in 2016. The shift to DevOps has driven the need for new technologies and different levels of integration across the development ecosystem. The focus is pulling all your organization’s technologies together and bring in products that easily and seamlessly fit into any environment, thereby further automating security while maintaining development agility. These enhancements deliver a more complete view of application-security health, making it possible to assess Static, Dynamic, Interactive and Open Source security in a single view.
     
    Advancements have been made but as we’ve learned, application security is ever changing. New technology trends – container adoption, IoT, for example – mean new security considerations and AppSec innovation must continue in 2017.

    In this webinar presented by experts from HPE Security Fortify and Black Duck, you'll learn about:

    - The major AppSec advancements in 2016 and their impact on software security health
    - New ways AppSec will evolve in the coming year, including the areas of remediation improvement and cloud integration, DevOps, and Continuous Integration
    - Check list of AppSec best practices for your 2017 toolbox
  • Got Open Source Questions? Get Practical, Actionable Advice from the Experts. Got Open Source Questions? Get Practical, Actionable Advice from the Experts. Karen Copenhaver, Partner, Choate Hall & Stewart/Counsel, Linux Foundation; Mark Radcliffe Partner, DLA Piper/Counsel OSI Recorded: Dec 7 2016 60 mins
    Despite open source software's long history - Linux just turned 25 - legal and risk questions about open source use still abound. Black Duck On-Demand Vice President & General Manager Phil Odence regularly fields open source-related questions as he speaks with tech executives and their counsel. Listen in as Phil goes through some of the most frequently asked questions and gets expert answers from Attorneys Karen Copenhaver and Mark Radcliffe. Both are well versed in the legal nuances of open source, and are able to turn their expertise into practical, actionable advice as they ably demonstrate in this webinar.
  • 5 Ways Black Duck Hub Can Improve Open Source Security & Compliance 5 Ways Black Duck Hub Can Improve Open Source Security & Compliance Pat Durante, Senior Director Education Services; John Beaudoin, Senior Instructional Designer; Dave Gruber, VP of Product Recorded: Dec 6 2016 54 mins
    During our next customer webinar, we’ll share expert tips and best practices on how to extract maximum value from the latest features available in Black Duck Hub. The new integrations and features help improve both open source security and compliance. You’ll learn how to:

    •Track remediation tasks using the new Hub-Jira integration
    •Leverage new open source discovery techniques for Ruby Gems and Node.js as well as build integrations for Maven/Gradle to improve the accuracy of your open source inventory
    •Customize your notices file so that all open source is properly attributed
    •Leverage the new Hub-Email Extension to push notifications via email
    •Incorporate Hub scanning into your Jenkins pipeline projects
  • The State of Open Source Security The State of Open Source Security Bob Canaway, CMO, Black Duck Recorded: Nov 30 2016 56 mins
    Open Source software is the foundation for application development today and its use is growing rapidly worldwide because of the development cost reductions and innovation it enables. Black Duck discovers open source in every application it analyzes and finds finds that 35% of the average commercial software application is open source. Home-grown applications typically contain 50% or more open source.

    The dramatic growth in open source use has been accompanied by an array of security and management challenges related to a lack of visibility into and control of the open source in use. Leading organizations are aggressively pursuing ways to continue to increase their use of open source and do so without compromising effective security or management.

    This webinar will present findings from Black Duck's Center for Open Source Research examining open source use, risks, and benefits. Black Duck CMO Bob Canaway will discuss the latest open source threats, usage patterns, governance, and the changing security and management needs as open source expands across the cloud, the Internet of Things, and the digital landscape.
  • Top 5 Open Source Issues - Stories from the M&A Trenches Top 5 Open Source Issues - Stories from the M&A Trenches Jim Markwith, Managing Partner at Symons Markwith LLP Recorded: Nov 16 2016 59 mins
    Open source risk is a significant issue for both buyers and sellers in M&A transactions. Although open source comprises 30-50% of the code in an average application, results from Black Duck open source audits are eye-opening: sellers rarely know what open source they’re using and there are often serious risks associated with open source components in code assets.

    In this webinar, Jim Markwith, a technology attorney who handles complex IP licensing transactions, and has been involved in scores of M&A deals, will discuss the top five open source issues that impact transactions. He will provide in-depth descriptions of the challenges encountered and their impact on the transaction, punctuating the presentation with insightful stories from the M&A trenches.
  • Myths and Misperceptions of Open Source Security Myths and Misperceptions of Open Source Security Mike Pittenger, VP of Security Strategy, Black Duck Recorded: Nov 10 2016 41 mins
    Businesses and governments worldwide increasingly rely on open source software to reduce development costs, get to market faster, and innovate. Despite its ubiquity, there are many management and security challenges that have accompanied the explosive growth in open source usage. Most organizations don’t know how much open source is in their applications or where it is in their code base. There is considerable confusion and misinformation about the what strategies and tools are needed to identify known open source vulnerabilities in the application code and assure the secure use of open source.

    Please join Black Duck's VP of Security Strategy Mike Pittenger as he unpacks the common myths and misperceptions surrounding open source use and learn best practices to secure and manage your open source, reduce risk from security vulnerabilities and increase efficiency within your SDLC.
  • Black Duck Container Security MasterClass - Security Response Process Black Duck Container Security MasterClass - Security Response Process Tim Mackey, Sr. Technology Evangelist; John Beaudoin, Sr. Instructional Design Recorded: Oct 27 2016 88 mins
    Container usage in production environments is becoming commonplace, increasing the need to design for security and develop security response processes. Doing so starts with a clear understanding of what software is running in the datacenter.

    This Container Security Master Class looks at how datacenter operations trends are combining to promote secure container deployments. Although these trends have the potential to abate risk, without a clear understanding of the applications and their dependencies, if a successful attack does occur, the scope of compromise can inadvertently increase.

Embed in website or blog