
SBOM: What’s in your software ingredients list?
With an average of 500 components in an application, it’s difficult to know what’s in your software. The right security tools and expertise are here to help. A software Bill of Materials (SBOM) is an inventory of what makes up a software application: the “ingredients list” of everything in it. There’s pressure today for companies …
Continue reading “SBOM: What’s in your software ingredients list?”

The top three differences between an open source audit and an open source scan
Understanding the differences between an open source audit and an open source scan will help you determine which approach is best for your organization. One of the biggest challenges of helping organizations determine the correct approach to managing their open source usage is the range of risk profiles, standards, and even definitions of “audits” and …
Continue reading “The top three differences between an open source audit and an open source scan”

Custom and variant licenses: What’s in the fine print?
An open source audit reveals much about modern software. A thorough one will draw attention to license issues that go beyond typical open source license conflicts. The baseline finding of an audit is a complete, accurate software Bill of Materials (SBOM) of open source and third-party software in the code. That’s table stakes to providing analysis about …
Continue reading “Custom and variant licenses: What’s in the fine print?”

I have my Black Duck Audit reports; What’s next?
Get the most out of your Black Duck Open Source Audit by understanding the report components and next steps you need to take. Black Duck® Open Source Audit reports provide a tremendous amount of information. We have been performing audits and delivering results to customers for over 15 years, and we continue to seek to …
Continue reading “I have my Black Duck Audit reports; What’s next?”

Understanding the hows and whys of open source audits
If you’re part of a modern business that does any software development, your dev teams are using open source components to move quickly, save money, and leverage community innovation. If you’re a law firm or a consultant, your clients use open source. And if you’re on the lookout for your next acquisition, you’ll be evaluating …
Continue reading “Understanding the hows and whys of open source audits”