Black Duck stories

Chainguard tops 500m container manifests as AI-powered DriftlessAF ‘software factory’ scales secure open-source image production.

Black Duck has been named a Leader in Gartner's 2025 Magic Quadrant for Application Security Testing for the eighth consecutive year, leading in execution.

Black Duck warns AI-driven rapid code deployments are outpacing security, risking vulnerabilities as manual checks and alert overload hinder protection efforts.

AI integration in embedded software rises, with 89.3% using AI coding tools, yet 21.1% doubt their security against AI-specific risks, says Black Duck report.

Workday has confirmed a breach via a third-party CRM platform, exposing business contact info through social engineering but no core customer data was compromised.

Black Duck has launched a GitHub app to automate security scans, helping development teams identify vulnerabilities early and streamline application security.

Palo Alto Networks launches Cortex Cloud ASPM, a prevention-first tool to block security risks in cloud and AI apps before deployment, enhancing threat management.

Palo Alto Networks has enhanced Cortex Cloud with a new module to prevent AI-generated code risks, boosting security for faster, safer software development.

GitHub has unveiled an enhanced developer platform powered by Copilot, featuring tools like GitHub Spark and multi-file editing to streamline workflows.

Synopsys to showcase Fast Application Security Testing (fAST) offerings at RSA Conference 2023, enabling DevOps teams to find and fix vulnerabilities.

Synopsys has announced the availability of new features of its Rapid Scan tool, which provides vulnerability detection for open source code.

NeuVector enhances Kubernetes security with new features that prevent vulnerabilities from reaching production, ensuring safer container orchestration.

78% of 1100 examined codebases contained at least one open source vulnerability, with an average of 64 vulnerabilities per codebase.