Gary O’Neall

Jan 31, 2024 | synopsys.com | Mike McGuire |Gary O’Neall |Patrick Carey |Jason Schmitt

The complexity of modern applications (think open source, proprietary and commercial code) makes the management of software supply chain security a business-critical effort. Robust software supply chain security requires a thorough understanding of your organization’s software components - a complete visibility into the makeup of your code - best achieved with a Software Bill of Materials (SBOM).

Nov 21, 2023 | synopsys.com | Don Mulrenan |Gary O’Neall |Phil Odence

Getting an inventory of your code versus an audit Black Duck® introduced the concept of managing open source, and the licensing and security risks that come with it, back in 2002. The process and the products have matured over the last two decades. Open source management has now become nearly as commonplace as source code control, whether development shops are using tools such as Black Duck or simply maintaining a spreadsheet of what is in their code.

Nov 7, 2023 | synopsys.com | Gary O’Neall |Patrick Carey |Jason Schmitt |Fred Bals

What do the Log4J zero-day vulnerability, the SolarWinds attack, and Alex Birsan’s hacking of Apple and Microsoft have in common? The answer is simple: software supply chain security. But while the answer may be simple, each example highlights a different aspect of software supply chain security. Definitions of software supply chain vary depending on who you’re talking to, and in what context, but simply put, securing the software supply chain means analyzing software from external sources.

Oct 27, 2023 | synopsys.com | Patrick Carey |Jason Schmitt |Fred Bals |Gary O’Neall

If software is an important part of your business and you need to comply with license terms and protect against security vulnerabilities, you need to know and track what is inside your software. Lists of software components and dependencies are typically referred to as Software Bills of Materials (SBOMs).