Hi [[ session.user.profile.firstName ]]
Sort by:
    • Assessing Open Source Risk: An Imperative for M&A Professionals
      Assessing Open Source Risk: An Imperative for M&A Professionals Phil Odence, Vice President & General Manager On-Demand Audits; Mike Pittenger, VP Security Strategy Recorded: Apr 19 2017 3:00 pm UTC 59 mins
    • Open source software use is ubiquitous worldwide, increasing the importance that M&A professionals understand the potential security, license compliance, and operational risks open source represents in today’s transactions.

      This webinar will detail findings in a recent report issued by Black Duck’s Center for Open Source Research and Innovation (COSRI) showing that most M&A target organizations are not effective in securing and managing their open source.

      Black Duck On-Demand audits hundreds of commercial code bases each year. The Open Source Security and Risk Analysis (OSSRA) will provide insight and results from over 1000 audits performed in 2016, including:

      - The number, age and severity of vulnerabilities in the open source components
      - The gap between the number of open source components used versus what the target company thought it was using
      - The prevalence of open source components using licenses that could put IP at risk

      Read more >
    • Litigating Open Source – Lessons learned from Hellwig and McHardy
      Litigating Open Source – Lessons learned from Hellwig and McHardy Mark Radcliffe, DLA Piper; Bernd Siebers, DLA Piper, Phil Odence, Black Duck Recorded: Mar 23 2017 3:30 pm UTC 62 mins
    • The next wave of open source compliance challenges is upon us. Historically, enforcement has been a community based effort with an emphasis on “doing the right thing”. In recent years, however, we have seen the emergence of private enforcement and enforcement driven by entities and individuals for purposes of economic gain. In some cases these actions are to enforce legitimate interests arising from, for instance, dual licensing models. In other cases, copyright “trolls” are pressing an agenda. In this webinar, Mark Radcliffe and Bernd Siebers will review some of the current litigation trends, evaluate how the different elements of the open source community are reacting to these trends and offer insights and strategies for avoiding the cross-hairs. This includes taking a closer look at open source cases litigated in 2016 in Germany, including the following questions:

      - Are we experiencing a shift in jurisprudence?
      - What should users and developers of open source software do to protect themselves?
      - What's the contribution of the open source community?

      Read more >
    • Before You Outsource, Protect Your IP & Mitigate Open Source Risks
      Before You Outsource, Protect Your IP & Mitigate Open Source Risks Jim Markwith, Managing Partner at Symons Markwith LLP Recorded: Apr 18 2017 3:30 pm UTC 60 mins
    • Today’s rapidly changing technologies, including the proliferation of open source and the accelerating shift to the cloud, are increasing the use of outside experts for both application development and IT solutions. At the same time, IP security is top of mind worldwide. This presentation will look at ways organizations can outsource to meet their development needs and also address open source security and management risks before giving contractors access to their valuable technologies.


      Jim's bio:

      Jim Markwith is an experienced technology and corporate transactions attorney with over 20 years of experience. His clients range from start-ups to fortune 50 technology leaders, including computer software, on-line retail, and Healthcare IT product and service developers. Prior to private practice, Jim held Executive and Senior in-house legal positions with Microsoft, Adobe Systems, and Allscripts Healthcare. Jim received his J.D. degree from Santa Clara University School of Law, and is a member of the California, Washington, DC, and Washington State Bar Associations.

      For more information on Jim, please click http://symonsmarkwith.com/jim-markwith. For questions about this presentation, or for more information on available legal support, please contact Jim at jim@symonsmarkwith.com.

      Read more >
    • The Case for Continuous Open Source Management
      The Case for Continuous Open Source Management Bob Genshaft, Wolters Kluwer; Phil Odence, Black Duck Software Recorded: Mar 22 2017 3:00 pm UTC 45 mins
    • Companies are constantly seeking ways to ensure their application code is secure and effectively managed. For example, M&A acquirers conduct one-time code audits on companies they are buying to avoid legal, operational or security pitfalls. Other organizations are proactive, using an ongoing solution to make sure their application code is secure and well managed on a day-to-day basis. Increasingly, many companies are opting to use both approaches.

      Join Bob Genshaft, Director Strategic Programs at Wolters Kluwer, and Black Duck's VP and General Manager On-Demand Audits Phil Odence for a discussion that will address key open source security and management questions:

      · When is it appropriate to conduct an audit?
      · When should your company consider an ongoing solution?
      · What are the benefits of doing both?

      Read more >
    • Reducing Open Source Risk and Remediation Costs Early in the SDLC
      Reducing Open Source Risk and Remediation Costs Early in the SDLC Pat Durante, Senior Director Education Services; John Beaudoin, Senior Instructional Designer Recorded: Feb 22 2017 4:00 pm UTC 74 mins
    • Increasingly, organizations worldwide are implementing open source security and license risk assessment capabilities early in the software development lifecycle when the cost to remediate issues is lowest. This webinar will demonstrate Black Duck Hub’s effectiveness in providing comprehensive risk assessments when used in combination with our Eclipse IDE plugin, Build Tool, and CI Tool integrations. Additionally, we'll review valuable new features in Black Duck Hub 3.5.
      You’ll also learn:
      - How to improve the accuracy of your open source inventory by leverage open source dependency discovery techniques for build tools and package managers
      - Options for incorporating Hub scanning into your Continuous Integration environments
      - How to track remediation tasks using the Hub-Jira integration
      - How to streamline your component review process
      - Use cases for scanning binary repositories such as Artifactory

      Read more >
    • Risk-Ranking Open Source Vulnerabilities
      Risk-Ranking Open Source Vulnerabilities Mike Pittenger, VP Security Strategy, Black Duck Recorded: Jan 19 2017 4:00 pm UTC 43 mins
    • Increase security effectiveness and maintain dev agility

      Three certainties in 2017: organizations worldwide will continue to increase their use of open source software; new open source security vulnerabilities will be discovered; exploits of open source vulnerabilities will occur.

      With dev teams under constant pressure to accelerate application delivery and with security resources often scarce, organizations need more effective ways to determine which open source vulnerabilities to fix first and the options available to reduce risk during remediation.

      Join Black Duck VP of Security Strategy Mike Pittenger as he discusses strategies and emerging best practices for risk-ranking open source vulnerabilities. He will cover:
      - the most important considerations in prioritizing open source security issues
      - ways to determine the risk associated with a discovered open source vulnerability
      - options for dealing with open source security vulnerabilities beyond simply replacing the component

      Read more >
    • The State of Open Source Security
      The State of Open Source Security Bob Canaway, CMO, Black Duck Recorded: Nov 30 2016 4:00 pm UTC 56 mins
    • Open Source software is the foundation for application development today and its use is growing rapidly worldwide because of the development cost reductions and innovation it enables. Black Duck discovers open source in every application it analyzes and finds finds that 35% of the average commercial software application is open source. Home-grown applications typically contain 50% or more open source.

      The dramatic growth in open source use has been accompanied by an array of security and management challenges related to a lack of visibility into and control of the open source in use. Leading organizations are aggressively pursuing ways to continue to increase their use of open source and do so without compromising effective security or management.

      This webinar will present findings from Black Duck's Center for Open Source Research examining open source use, risks, and benefits. Black Duck CMO Bob Canaway will discuss the latest open source threats, usage patterns, governance, and the changing security and management needs as open source expands across the cloud, the Internet of Things, and the digital landscape.

      Read more >
    • Myths and Misperceptions of Open Source Security
      Myths and Misperceptions of Open Source Security Mike Pittenger, VP of Security Strategy, Black Duck Recorded: Nov 10 2016 4:00 pm UTC 41 mins
    • Businesses and governments worldwide increasingly rely on open source software to reduce development costs, get to market faster, and innovate. Despite its ubiquity, there are many management and security challenges that have accompanied the explosive growth in open source usage. Most organizations don’t know how much open source is in their applications or where it is in their code base. There is considerable confusion and misinformation about the what strategies and tools are needed to identify known open source vulnerabilities in the application code and assure the secure use of open source.

      Please join Black Duck's VP of Security Strategy Mike Pittenger as he unpacks the common myths and misperceptions surrounding open source use and learn best practices to secure and manage your open source, reduce risk from security vulnerabilities and increase efficiency within your SDLC.

      Read more >
    • Top 5 Open Source Issues - Stories from the M&A Trenches
      Top 5 Open Source Issues - Stories from the M&A Trenches Jim Markwith, Managing Partner at Symons Markwith LLP Recorded: Nov 16 2016 4:30 pm UTC 59 mins
    • Open source risk is a significant issue for both buyers and sellers in M&A transactions. Although open source comprises 30-50% of the code in an average application, results from Black Duck open source audits are eye-opening: sellers rarely know what open source they’re using and there are often serious risks associated with open source components in code assets.

      In this webinar, Jim Markwith, a technology attorney who handles complex IP licensing transactions, and has been involved in scores of M&A deals, will discuss the top five open source issues that impact transactions. He will provide in-depth descriptions of the challenges encountered and their impact on the transaction, punctuating the presentation with insightful stories from the M&A trenches.

      Read more >
    • 2016 Open Source Risk Report – Key Findings for M&A Professionals
      2016 Open Source Risk Report – Key Findings for M&A Professionals Phil Odence, Vice President & General Manager On-Demand Audits; Mike Pittenger, VP Security Strategy Recorded: Oct 26 2016 3:00 pm UTC 59 mins
    • Open source has been adopted by organizations across all industries, including software, systems, and cloud services. How much open source is used, along with the license, security, and operational risks posed by unmanaged use of open source, is a question M&A professionals need to consider in every transaction.
      This webinar will provide insight from real world data abstracted from Black Duck M&A audits. The data covers hundreds of systems and commercial applications, the code assets of recent acquisition targets, and will illuminate why acquirers should understand exactly what is in the code base before closing the deal. Data will include:
      - The composition of open source v. proprietary code in the average code base
      - The gap between the number of open source components used vs. what was known by the target
      - The prevalence of components using licenses that could put IP at risk
      - Number and age of security vulnerabilities in the open source components
      - An understanding of which components have underactive support communities

      Read more >
    • Open Source Security Management with Black Duck Hub: Best Practices
      Open Source Security Management with Black Duck Hub: Best Practices Pat Durante, Senior Director Education Services; John Beaudoin, Sr. Instructional Designer; Dave Gruber, VP of Products Recorded: Aug 3 2016 3:00 pm UTC 58 mins
    • Join us for our next customer webinar where we’ll share expert tips and best practices on how to extract maximum value from your Black Duck Hub implementation through automation.
       
      Even before you scan your first line of code, Black Duck Hub brings value to your organization. This includes the ability to define strategies around users and user roles, project and policy management in order to simplify and streamline your organization’s open source security management. You’ll also learn how to integrate Hub and its security features more tightly into your continuous code development and DevOps ecosystem to bring you from a simple, reactive scanning approach to a more mature, automated one for managing open source use across your organization.
       
      You Will Learn
      • How to architect the right user, project, and policy management for maximum impact.
      • Ways to incorporate Hub scanning into your continuous code development and DevOps lifecycle.
      •Leveraging Black Duck Hub integrations with DAST/SAST security testing tools for enhanced application security.
      • Best practices for interpreting your Hub scanning results and establishing a triage policy to deal with open source issues that need remediation.
      • Ways to leverage the built-in and third-party resources to speed up the remediation process.
      • How Black Duck Hub can help you move from a reactive approach to open source management to an automated one.

      Following the demonstration, we’ll leave plenty of time for you to ask our product experts questions. 

      Read more >
    • 2016 Open Source Security Audit Report for Commercial Applications
      2016 Open Source Security Audit Report for Commercial Applications Mike Pittenger, VP of Security Strategy, Black Duck Recorded: Jun 23 2016 3:00 pm UTC 36 mins
    • Recent Black Duck On-Demand security audits of 200 commercial applications confirm the importance of open source in application development, but also highlight the persistent challenges organizations face in effectively securing and managing their open source. Black Duck’s Open Source Security Audit Report reveals that on average the applications contained more than twice as much open source as the organizations thought, and that 67% of the audited applications contained known open source vulnerabilities.
      In this 30-minute webinar, Black Duck VP of Security Strategy Mike Pittenger will review the audit findings and discuss strategies companies can use to minimize security risk while maximizing the economic and productivity value open source provides.

      Read more >
    • Strategies for Managing Open Source Security Risk
      Strategies for Managing Open Source Security Risk Peter McLaughlin, David A. Wheeler, Karen Copenhaver, Mark Radcliffe Recorded: Jun 22 2016 3:30 pm UTC 64 mins
    • Open source-savvy lawyers have long advised their clients on managing risk by attending to compliance processes. But, insight into the open source and other third party code used in a code base is also critical to managing security risks.

      Join Phil Odence, Vice President and General Manager at Black Duck Software, as he moderates a panel on the strategies you should have in place to manage the security of open source components in applications and containers.

      DLA Piper security expert Peter McLaughlin will discuss the legal underpinnings of cyber security. David A. Wheeler, security research expert for the Institute for Defense Analyses (IDA) will explore the Linux Foundation's Core Infrastructure Initiative to ensure the security of open source projects.

      Read more >
    • Deliver Real Value with Open Source Business Optimization Technology
      Deliver Real Value with Open Source Business Optimization Technology Geoffrey De Smet, founder and project lead, OptaPlanner Recorded: Feb 16 2017 8:00 pm UTC 63 mins
    • The world is full of scheduling problems: employees to shifts, delivery routes to vehicles, aircraft and crews to flights, and manufacturing jobs to machines, just to name a few. Solving these problems optimally is often key to a businesses’ success, and yet the technology and knowledge needed to do it is often only available to the largest of enterprises. Until now.

      Red Hat® JBoss® BRMS includes a business resource planner based on the popular OptaPlanner open source project. It offers a range of powerful optimization algorithms that enable regular Java™ developers to quickly build solvers for many common optimization problems.

      Watch this webcast with the OptaPlanner to:
      - Work through some actual examples and use cases whose solutions demonstrate business benefits.
      - Leave equipped with tools and resources to start solving your own business planning problems.
      - Discover how digital transformation and open source are changing the face of business and IT operations

      Read more >