Mike McGuire

Featured in: Favicon

techcrunch.com Favicon

securityboulevard.com Favicon

synopsys.com Favicon

cxotoday.com Favicon

cybersecuritydive.com Favicon

busycontinent.com Favicon

tbtech.co

cybersecurityasean.com

Articles

How generative AI tools reignite risk in code snippets

Jul 24, 2024 | synopsys.com | Patrick Carey |Fred Bals |Mike McGuire |Taylor Armerding

Code snippets copied from copyleft-licensed open source projects represented the biggest risk in software 15 years ago. The Heartbleed vulnerability, discovered in April 2014, brought to the fore concerns about the security of open source components, and license risk took a bit of a back seat. But the problem never went away. Now, the advent of Generative AI as a tool for writing software is shining a new light on the issue.
5 considerations for securing your software supply chain

May 8, 2024 | cybersecuritydive.com | Mike McGuire

Your software supply chain comprises everything that touches an application or plays a role in its assembly, development, and deployment. It also includes proprietary code and components created by your development team, as well as the infrastructure used to build and deliver that software to your end user. Here are five areas of consideration that should drive your security activities.
Five considerations for securing your software supply chain

May 6, 2024 | cybersecuritydive.com | Mike McGuire

Your software supply chain comprises everything that touches an application or plays a role in its assembly, development, and deployment. It also includes proprietary code and components created by your development team, as well as the infrastructure used to build and deliver that software to your end user. Here are five areas of consideration that should drive your security activities.
Securing the software supply chain with Black Duck Supply Chain Edition

Apr 9, 2024 | securityboulevard.com | Mike McGuire

Black Duck Supply Chain Edition Enter Black Duck ® Supply Chain Edition. This new offering provides expanded visibility, security controls, and compliance to your existing supply chain security activities. Here are some of the key capabilities. Comprehensive open source discoveryWith the majority of the software supply chain comprised of open source, failure to properly track and manage it equates to a glaring gap in any risk management strategy.
Black Duck Supply Chain Edition

Apr 9, 2024 | synopsys.com | Mike McGuire |Taylor Armerding |Fred Bals |Tim Mackey

Each year, our "Open Source Security and Risk Analysis” (OSSRA) report highlights the fact that open source software (OSS) plays a critical and substantial role in modern application development, and it is therefore foundational to the software supply chain. The prevalence of OSS within commercial applications makes it difficult to track, and that makes it difficult to manage the risk that it may introduce.
Top Open Source Licenses and Legal Risk

Apr 1, 2024 | synopsys.com | Vishrut Iyengar |Fred Bals |Mike McGuire

Software supply chain management requires license as well as security compliance If you’re a software developer, you’re probably using open source components and libraries to build software. You know those components are governed by different open source licenses, but do you know all the license details? In particular, do you know the sometimes-convoluted licensing conditions that could pose compliance challenges for your organization?
2024 OSSRA Report: Key Open Source Trends Decoded

Mar 22, 2024 | synopsys.com | Fred Bals |Tim Mackey |Mike McGuire

Software may not be as universal as the air we breathe, but it’s getting close. We all depend on it in multiple ways—if you’re a business, even if you’re not selling a software product, you’re still using it to run your operations. And most of that software is open source. It’s not only present in nearly every codebase now in use, but it also amounts to an average of about 77% of the components in those codebases.
How to generate a software bill of materials

Jan 31, 2024 | synopsys.com | Mike McGuire |Gary O’Neall |Patrick Carey |Jason Schmitt

The complexity of modern applications (think open source, proprietary and commercial code) makes the management of software supply chain security a business-critical effort. Robust software supply chain security requires a thorough understanding of your organization’s software components - a complete visibility into the makeup of your code - best achieved with a Software Bill of Materials (SBOM).
The Benefits of Business Logic Assessments

Oct 23, 2023 | synopsys.com | Matthew Hogg |Mike McGuire |Charlotte McGuinn Freeman |Moshe Apelbaum

The digital realm is an ever-expanding universe, and web applications serve as the gateway to valuable customer data, sensitive information, and financial transactions. Threat actors and cybercriminals are constantly devising new techniques to exploit vulnerabilities within these applications. Further, data privacy is a paramount concern, and organizations are entrusted with safeguarding information.
A warning to software founders developing apps with lean teams and open source code

Oct 19, 2023 | newonnews.com | Mike McGuire

Replays in the third and fourth rounds of the FA Cup and two-legged EFL Cup semi-finals are expected to be scrapped as part of reforms to the English football calendar.