Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Open Source

Announcing Opengrep: Continuing the Open-Source Mission for Static Code Analysis

At Jit, we are proud to announce our participation in a consortium of companies that have come together to launch Opengrep, a continuation of Semgrep’s groundbreaking OSS. Opengrep is born out of our shared commitment to keeping static code analysis open, accessible, and community-driven.

Launching Opengrep | Why we forked Semgrep

Last month, Semgrep announced major changes to its OSS project—strategically timed for a Friday, of course ;) Since 2017, Semgrep has been a cornerstone of the open-source security community, offering a code analysis engine and rule repository alongside its SaaS product. But their recent moves raise the question: what does “open” really mean?

How Open-Source Security Frameworks Drive Better Cyber Defense

Open-source security frameworks are an essential tool in the cybersecurity arsenal. These frameworks provide the foundation for building secure systems and adhering to key industry standards. Yet, despite their importance, many practitioners and organizations fail to tap into the full potential of these frameworks. Exploring them in depth can unlock significant value for businesses, developers, and security teams.

Microsoft and Black Duck DevOps Partnership: Build Secure, High-Quality Software Faster | Black Duck

Building secure, high-quality software is more challenging than ever. The bar is set high for organizations to release new features and functions without compromising the quality or security in the applications they deploy. Organizations are rapidly adopting DevOps tools and methodologies to keep up-with the demands of accelerated software delivery. They are also implementing application security testing earlier in their development workflow to develop and deploy quality code.

Black Duck SCA & Coverity Static Analysis (SAST) Integrations with Amazon AWS CI Tools | Black Duck

DevOps teams are rearchitecting their applications from monoliths to microservices, fueled by containerization and CI/CD. As application development moves to the cloud, security testing tools must follow. Application security testing solutions by Black Duck support the CI/CD tools you already use, including AWS Developer Tools. Coverity static analysis identifies security and quality issues in code as it is being built. To invoke a Coverity scan in AWS CodeBuild, simply add the steps to your application’s build specifications.

Integrating Cybersecurity Functions into Dashboards: Examples with Open Source Frameworks

Cybersecurity has become a non-negotiable aspect of modern technology, with businesses and individuals alike seeking smarter ways to protect their digital assets. Among the most effective solutions are interactive dashboards that provide real-time insights and control over security measures. Leveraging vue dashboard framework like AdminForth, developers can seamlessly integrate security features to create custom, open-source dashboards that enhance visibility and control. These tools offer an accessible and cost-effective way to streamline cybersecurity operations.

Build an SBOM in under 30 seconds with Black Duck SCA | Black Duck

In this video, we show you how easy it is to create an open source Software Bill of Materials (SBOMs) using Black Duck SCA. Join us as we demonstrate how to effortlessly generate an SBOM in under 30 seconds, empowering enterprise teams to prioritize SBOM creation. Key Steps.

Understanding OSS security, quality, and license risks in Black Duck SCA | Black Duck

In this video, we unveil the three fundamental views of Software Composition Analysis (SCA) risk within Black Duck: Security, License, and Operational. Join us as we navigate the landscape of open source components to identify vulnerabilities, license obligations, and component health.