Enterprise or Open Source: Which SAST Tool Is Right for You?


Static application security testing (SAST) is an essential part of any secure development workflow. But not all SAST tools are created equal. It’s crucial that you weigh your options carefully when choosing a SAST tool to avoid unnecessary costs in the future. This white paper compares open source and enterprise SAST solutions and provides relevant information to help you select the option th... » read more

The Challenge Of RISC-V Compliance


The open-source RISC-V instruction set architecture (ISA) continues to gain momentum, but the flexibility of RISC-V creates a problem—how do you know if a RISC-V implementation fits basic standards and can play well with other implementations so they all can run the same ecosystem? In addition, how do you ensure that ecosystem development works for all implementations and that all cores that ... » read more

Open Source in M&A Due Diligence


Most companies involved with technology M&A understand the danger of open source risks in software. Today’s software contains significant amounts of open source—on average more than 50%, according to a 2018 Synopsys report. There are several ways to assess and manage open source risk in a transaction, with some more effective than others. Similarly, there are several approaches to open s... » read more

Managing and Securing Open Source Software in the Automotive Industry


Open source software is a significant contributor to the rapid evolution of modern technologies across every industry, and automotive is no exception. Black Duck by Synopsys software audits have revealed open source components in 23% of automotive applications. It’s prudent to consider the risks associated with inadequate application security risk management practices and the threat of mal... » read more

Why Invest in Automated Open Source License Management?


Software is a major component of life around us. It is at the heart of communications, transportation, safety, health, food, agriculture, defense, entertainment and virtually every other industry that one way or other touches us every day. Resourceful software development organizations and developers use a combination of previously created code, commercial software and open source software, and... » read more

The Week in Review: IoT


Finance Toronto-based Ecobee, which markets smart thermostats, raised $61 million in its Series C funding, bringing the total funding for the 11-year-old company to $146 million. Energy Impact Partners led the new round and was joined by Amazon’s Alexa Fund, Relay Ventures, and Thomvest. Ecobee counts Nest Labs, the Google subsidiary, as its chief rival. ThoughtWire, also headquartered in... » read more

2017 Coverity Scan Report


Today, open source software (OSS) development is one of the primary driving forces of technological innovation. From artificial intelligence to the Internet of Things, autonomous driving, and cloud computing infrastructure, OSS plays a pivotal role in the evolution of a wide range of technologies. But what are the implications of its dominance? To answer this, we review what we’ve learn... » read more

Blog Review: Feb. 7


Cadence's Paul McLellan checks out why DARPA's excited about open-source IP at last year's RISC-V conference. Synopsys' Richard Solomon checks out what's new in PCIe 4.0, from the 16GT/s data rate to lane margining. Mentor's Colin Walls shares another set of tips for embedded software developers, including when to use [ ] and exception handling. Arm's Jason Andrews presents a tutorial ... » read more

Safety, Security And Open Source In The Automotive Industry


Today’s cars are as much defined by the power of their software as the power of their engines. Almost any car feature you can name is now digitized to provide drivers with easier operation and better information. Technological innovation is accelerating, enabling automobiles to monitor and adjust their position on the highway, alerting drivers if they’re drifting out of their lane, even aut... » read more

The Week In Review: Design


M&A Synopsys will acquire Black Duck Software, a provider of software for securing and managing open source software. Synopsys already has a stake in this area from its Coverity acquisition in 2014, which it has been using to analyze security practices in open source software. Founded in 2003 and headquartered in Massachusetts, Black Duck's products automate the process of identifying and ... » read more

← Older posts