Hi [[ session.user.profile.firstName ]]
Sort by:
    • Myths and Misperceptions of Open Source Security Myths and Misperceptions of Open Source Security Mike Pittenger, VP of Security Strategy, Black Duck Upcoming: Nov 3 2016 3:00 pm UTC 60 mins
    • Businesses and governments worldwide increasingly rely on open source software to reduce development costs, get to market faster, and innovate. Despite its ubiquity, there are many management and security challenges that have accompanied the explosive growth in open source usage. Most organizations don’t know how much open source is in their applications or where it is in their code base. There is considerable confusion and misinformation about the what strategies and tools are needed to identify known open source vulnerabilities in the application code and assure the secure use of open source.

      Please join Black Duck's VP of Security Strategy Mike Pittenger as he unpacks the common myths and misperceptions surrounding open source use and learn best practices to secure and manage your open source, reduce risk from security vulnerabilities and increase efficiency within your SDLC.

      Read more >
    • 2016 Open Source Risk Report – Key Findings for M&A Professionals 2016 Open Source Risk Report – Key Findings for M&A Professionals Phil Odence, Vice President & General Manager On-Demand Audits; Mike Pittenger, VP Security Strategy Recorded: Oct 26 2016 3:00 pm UTC 59 mins
    • Open source has been adopted by organizations across all industries, including software, systems, and cloud services. How much open source is used, along with the license, security, and operational risks posed by unmanaged use of open source, is a question M&A professionals need to consider in every transaction.
      This webinar will provide insight from real world data abstracted from Black Duck M&A audits. The data covers hundreds of systems and commercial applications, the code assets of recent acquisition targets, and will illuminate why acquirers should understand exactly what is in the code base before closing the deal. Data will include:
      - The composition of open source v. proprietary code in the average code base
      - The gap between the number of open source components used vs. what was known by the target
      - The prevalence of components using licenses that could put IP at risk
      - Number and age of security vulnerabilities in the open source components
      - An understanding of which components have underactive support communities

      Read more >
    • Open Source Security Management with Black Duck Hub: Best Practices Open Source Security Management with Black Duck Hub: Best Practices Pat Durante, Senior Director Education Services; John Beaudoin, Sr. Instructional Designer; Dave Gruber, VP of Products Recorded: Aug 3 2016 3:00 pm UTC 58 mins
    • Join us for our next customer webinar where we’ll share expert tips and best practices on how to extract maximum value from your Black Duck Hub implementation through automation.
      Even before you scan your first line of code, Black Duck Hub brings value to your organization. This includes the ability to define strategies around users and user roles, project and policy management in order to simplify and streamline your organization’s open source security management. You’ll also learn how to integrate Hub and its security features more tightly into your continuous code development and DevOps ecosystem to bring you from a simple, reactive scanning approach to a more mature, automated one for managing open source use across your organization.
      You Will Learn
      • How to architect the right user, project, and policy management for maximum impact.
      • Ways to incorporate Hub scanning into your continuous code development and DevOps lifecycle.
      •Leveraging Black Duck Hub integrations with DAST/SAST security testing tools for enhanced application security.
      • Best practices for interpreting your Hub scanning results and establishing a triage policy to deal with open source issues that need remediation.
      • Ways to leverage the built-in and third-party resources to speed up the remediation process.
      • How Black Duck Hub can help you move from a reactive approach to open source management to an automated one.

      Following the demonstration, we’ll leave plenty of time for you to ask our product experts questions. 

      Read more >
    • 2016 Open Source Security Audit Report for Commercial Applications 2016 Open Source Security Audit Report for Commercial Applications Mike Pittenger, VP of Security Strategy, Black Duck Recorded: Jun 23 2016 3:00 pm UTC 36 mins
    • Recent Black Duck On-Demand security audits of 200 commercial applications confirm the importance of open source in application development, but also highlight the persistent challenges organizations face in effectively securing and managing their open source. Black Duck’s Open Source Security Audit Report reveals that on average the applications contained more than twice as much open source as the organizations thought, and that 67% of the audited applications contained known open source vulnerabilities.
      In this 30-minute webinar, Black Duck VP of Security Strategy Mike Pittenger will review the audit findings and discuss strategies companies can use to minimize security risk while maximizing the economic and productivity value open source provides.

      Read more >
    • Strategies for Managing Open Source Security Risk Strategies for Managing Open Source Security Risk Peter McLaughlin, David A. Wheeler, Karen Copenhaver, Mark Radcliffe Recorded: Jun 22 2016 3:30 pm UTC 64 mins
    • Open source-savvy lawyers have long advised their clients on managing risk by attending to compliance processes. But, insight into the open source and other third party code used in a code base is also critical to managing security risks.

      Join Phil Odence, Vice President and General Manager at Black Duck Software, as he moderates a panel on the strategies you should have in place to manage the security of open source components in applications and containers.

      DLA Piper security expert Peter McLaughlin will discuss the legal underpinnings of cyber security. David A. Wheeler, security research expert for the Institute for Defense Analyses (IDA) will explore the Linux Foundation's Core Infrastructure Initiative to ensure the security of open source projects.

      Read more >
    • Application Security: 6 Myths of Open Source Management Application Security: 6 Myths of Open Source Management Chester Liu, Black Duck Software Recorded: May 25 2016 3:00 pm UTC 37 mins
    • The recent high-profile “Panama Papers” exploit, which resulted in the theft of 2.6 terabytes of data from the Mossack Fonseca law firm, highlighted the firm’s failure to effectively secure and manage its open source software.
      Although the exploited component has yet to be pinpointed, the breach investigation has revealed that Mossack Fonseca was delinquent in patching known open source vulnerabilities in both Drupal and Wordpress. This lapse exposed sensitive client information.
      Open source software is an essential element in application development today and this breach raises the question: What are the best practices for securing and managing open source to avoid exploitation? This webcast will detail the processes organization can implement to secure and manage their open source to reduce risk from security vulnerabilities.

      Read more >
    • Future of Open Source Survey  2016 Results Future of Open Source Survey 2016 Results Black Duck Software and North Bridge Recorded: Apr 27 2016 6:00 pm UTC 61 mins
    • Please join us to learn the results of the 2016 Future of Open Source Survey.

      Today, open source drives technology and development forward. Its adoption worldwide is visible in companies ranging in size from a single employee to companies like Microsoft and Apple. All of these organizations rely on open source to innovate, reduce development costs, and speed time to market. In this evolving market, important questions remain about open source management, security, policies and procedures, and governance.

      The Future of Open Source Survey includes input from new players, established leaders, and influencers across vertical markets and communities. This range of respondents drives broad industry awareness and discussions of key issues.

      Please join these industry influencers as they review the top level results from the survey, and bring your questions.

      Jeffrey Hammond - Forrester Research @jhammond
      Paul Santinelli - North Bridge @paulsantinelli
      Bill Ledingham - Black Duck Software @bill_ledingham
      Jay Jay Billings - Oak Ridge National Laboratory @jayjaybillings

      Follow the conversation on Twitter, using the hashtag #FutureOSS

      Read more >
    • From Open Source Compliance to Security – Protect With Black Duck From Open Source Compliance to Security – Protect With Black Duck Pat Durante, Dean Vassiliou, Dave Gruber Recorded: Mar 31 2016 3:00 pm UTC 21 mins
    • Join us for the very first in a series of highly interactive webinars to learn why managing open source vulnerabilities has become the top concern of many corporations today. Having survived a few high-profile vulnerabilities such as Heartbleed, Shellshock, and Ghost, the need to more proactively manage the open source software used to build your own applications has become paramount. In this webinar, our experts will demonstrate how you can leverage your existing investment in Black Duck Protex and Code Center and quickly get visibility and control of these types of security risks by using our next-generation platform – The Black Duck Hub. After a fast-paced demonstration, we’ll leave plenty of time for you to ask our experts questions. We’ll also provide you with a preview of the next webinar in the series which will showcase brand new policy management capabilities in the Black Duck Hub.

      You Will Learn How To:
      -Identify open source security vulnerabilities in minutes with your Protex BOM and the new Black Duck Hub
      -Address high profile vulnerabilities more quickly using Black Duck Hub notifications
      -Track remediation of open source vulnerabilities in your projects

      Read more >
    • OpenDaylight Controller: Redefining SDN through Open Source OpenDaylight Controller: Redefining SDN through Open Source Ajay Chhabria, Software Test Engineer, and Sai MarapaReddy, Software Engineer, Brocade Recorded: Sep 22 2016 5:00 pm UTC 59 mins
    • The new age of Software-Defined Networks is upon us. Of them, open source projects through common platforms. OpenDaylight is an Open Source Software project under the Linux Foundation with the goal of furthering the adoption and innovation of Software Defined Networking (SDN) through the creation of a common industry supported platform.

      OpenDaylight Controller project contains more than 48 individual projects, out of which L2Switch & BGP LS PCEP are two important projects.

      BGP LS PCEP :- BGP LS PCEP project is an effort to bring two south-bound plugins into the controller: one for supporting BGP Linkstate Distribution as a source of L3 topology information, the other one to add support for Path Computation Element Protocol as a way to instantiate paths into the underlying network.

      L2switch project provides basic Layer2 switch functionalities. It also consists of reusable services (packet-handler, address tracker. flow writer) which further supports L2 switch functionalities.

      Join experts from Brocade and the OpenDaylight project to learn how software-defined networking has evolved, projects you can implement, and what to look out for in the future.

      Read more >
    • Potential water sources for coal-fired power plants Potential water sources for coal-fired power plants Anne Carpenter Recorded: Jul 13 2016 11:00 am UTC 34 mins
    • Global energy demand is rising, while water is becoming a scarcer commodity in many parts of the world due to over-exploitation, droughts, heat waves, and other factors. Meeting the growing demand will place
      increasing stress on limited fresh water resources. The power generation industry is typically the largest industrial user of fresh water in a country. Consequently, the vulnerability of the power generation
      industry to constraints in water availability can be expected to increase. Hence non-fresh water sources will become increasingly important. This report examines the availability and use of potential non-fresh water sources in China, India, South Africa and the USA. These are the four top thermal coal consuming countries in the world. The alternative sources are municipal waste water, brackish and sea water, mine
      water, produced water from oil and gas wells (including coalbed methane wells), and water extracted from deep saline aquifers during CO2 storage. In certain cases, and with suitable design of the on-site
      water treatment plant, a coal-fired power plant could become a supplier of both energy and fresh water, instead of a water consumer.

      Read more >