Join David Bohannan, an R&D engineer at Black Duck, as he demonstrates using Black Duck's IDE plug-in, Code Sight to run static analysis on Python code within Visual Studio. Watch as Code Sight instantly detects vulnerabilities like OS command injection and cross-site request forgery while code is being written, helping developers fix issues early in the software lifecycle. David will demonstrate how leveraging Coverity's Rapid Scanning engine through Code Sight can allow developers to tackle issues such as secret scanning and ensure hardcoded secrets are flagged before they become risks to applications further downstream.

Did you know that open source code constitutes up to 95% of the code in your applications? This creates a web of dependencies that can pose security, quality, and compliance risks. Watch the video to streamline your SBOM generation process and take control of your software supply chain. Black Duck provides a solution by helping you generate an accurate software bill of materials (SBOM) in minutes, giving you visibility into your software supply chain.

Black Duck BSIMM Assessments helps organizations plan, implement, and measure their software security initiatives. A BSIMM assessment provides an objective, data-driven evaluation that leaders seeking to improve their security postures can use to base decisions about resources, time, budget, and priorities.

Black Duck is the market leader in application security testing (AST). With the most comprehensive, powerful, and trusted portfolio of application security solutions in the industry, we help organizations worldwide build trust in their software.

In this video you will discover how Coverity’s Rapid Scan Static Analysis can help developers find and fix vulnerabilities in their code early in the development cycle by providing quick feedback on the most impactful issues. This new update in the Coverity 2024.6.0 release highlights how developers can run quick scans for C# applications via the Coverity Rapid Scan Static engine; returning quick and accurate static analysis results related to issues such as deserialization, hardcoded secrets, unsafe API calls, single-file data flow, etc. at record speeds.