Comments on: Protecode: Keeping Your Nose Clean, Proactively http://www.thevirtualcircle.com/2008/05/protecode-keeping-your-nose-clean-proactively/ WordPress site Wed, 16 Nov 2011 20:21:06 +0000 hourly 1 By: Should Enterprises Use Mashups? | HaveMacWillBlog (aka Robin Bloor’s Blog) http://www.thevirtualcircle.com/2008/05/protecode-keeping-your-nose-clean-proactively/comment-page-1/#comment-244 Should Enterprises Use Mashups? | HaveMacWillBlog (aka Robin Bloor’s Blog) Wed, 13 Aug 2008 12:56:05 +0000 http://havemacwillblog.com/2008/05/01/protecode-keeping-your-nose-clean-proactively/#comment-244 [...] In the first situation the downloaded code will (or should) go through all the proper governance procedures, including quality control, eventually emerging with some IT Department “seal of approval”. The main worry then is whether you have the legal right to use the code. There’s no easy way to be sure of this without using an automated capability - from one of the 3 vendors; Black Duck, Protecode or Palamida who operate in this area. There are postings on Black Duck and Protecode. [...] [...] In the first situation the downloaded code will (or should) go through all the proper governance procedures, including quality control, eventually emerging with some IT Department “seal of approval”. The main worry then is whether you have the legal right to use the code. There’s no easy way to be sure of this without using an automated capability – from one of the 3 vendors; Black Duck, Protecode or Palamida who operate in this area. There are postings on Black Duck and Protecode. [...]

]]> By: 10 More Companies to Keep An Eye On | HaveMacWillBlog (aka Robin Bloor’s Blog) http://www.thevirtualcircle.com/2008/05/protecode-keeping-your-nose-clean-proactively/comment-page-1/#comment-243 10 More Companies to Keep An Eye On | HaveMacWillBlog (aka Robin Bloor’s Blog) Wed, 23 Jul 2008 13:56:28 +0000 http://havemacwillblog.com/2008/05/01/protecode-keeping-your-nose-clean-proactively/#comment-243 [...] 7. Protecode: Protecode had a fairly obvious idea, but like a lot of good ideas, it’s obvious only in retrospect. The time to check whether you’re likely to violate a software license is when you’re including someone else’s code in code you’re writing - not after it’s written. You really don’t want to suddenly discover you need to rewrite bits of a program because you violated someone’s GPL. For more on this see  Protecode: Keeping Your Nose Clean, Proactively [...] [...] 7. Protecode: Protecode had a fairly obvious idea, but like a lot of good ideas, it’s obvious only in retrospect. The time to check whether you’re likely to violate a software license is when you’re including someone else’s code in code you’re writing – not after it’s written. You really don’t want to suddenly discover you need to rewrite bits of a program because you violated someone’s GPL. For more on this see  Protecode: Keeping Your Nose Clean, Proactively [...]

]]> By: mbleasdale http://www.thevirtualcircle.com/2008/05/protecode-keeping-your-nose-clean-proactively/comment-page-1/#comment-242 mbleasdale Fri, 02 May 2008 16:28:51 +0000 http://havemacwillblog.com/2008/05/01/protecode-keeping-your-nose-clean-proactively/#comment-242 Thanks so much for the mention in your blog. I'd like to provide some clarification though for your readers. Palamida's focus since late 2007 has been application security for open source code. While we do still detect possible IP violations, this falls under a much larger umbrella of application security. Ensuring that developers, engineering and security teams can vet their code pre-deployment against business, legal and vulnerability risks. With the largest database of open source and third party components in the industry - including open source projects no longer in current use but still in existence within mission critical apps - Palamida helps eliminate undocumented code. Last year, Palamida reviewed over 500 million lines of code, of which, over 50% was undocumented within the organizations we assisted. Of THAT, a very significant percentage contained vulnerabilities. In today's security and compliance-centric climate, it's important that organizations fold open source app sec into their processes. Thanks so much for the mention in your blog. I’d like to provide some clarification though for your readers. Palamida’s focus since late 2007 has been application security for open source code. While we do still detect possible IP violations, this falls under a much larger umbrella of application security. Ensuring that developers, engineering and security teams can vet their code pre-deployment against business, legal and vulnerability risks. With the largest database of open source and third party components in the industry – including open source projects no longer in current use but still in existence within mission critical apps – Palamida helps eliminate undocumented code.

Last year, Palamida reviewed over 500 million lines of code, of which, over 50% was undocumented within the organizations we assisted. Of THAT, a very significant percentage contained vulnerabilities.

In today’s security and compliance-centric climate, it’s important that organizations fold open source app sec into their processes.

]]>