Our Blog
Featured Posts
Recent Posts
Licensing assessment in Tech Due Diligence: MIT vs GPL vs LGPL vs AGPL vs Mozilla (MPL) vs Apache vs BSD
In today’s software landscape, open-source software (OSS) has become an integral part of development practices, offering developers access to a vast array of libraries, frameworks, and tools. However, using open-source code comes with legal obligations, specifically...
Understanding Software Bill of Materials (SBOM): A Crucial Tool in Software Supply Chain Security
Managing and securing code involves more than just internal development processes. With software increasingly relying on third-party libraries, open-source components, and cloud-based services, understanding the entire software supply chain has become essential. This...
Static Application Security Testing (SAST): Is the team careful writing the code?
When building secure software, one of the key factors that can make or break a system is the care taken during the code-writing process. Static Application Security Testing (SAST) is designed to catch potential vulnerabilities early in the development cycle, ensuring...
Types of Security Testing in Technical Assessment and Due Diligence: SCA vs SAST vs DAST
This post is also available as a podcast on Spotify and YouTube. Imagine you’re tasked with assessing the structural integrity of a building that has already been built or is still in the process of construction. The challenge is to ensure that the building is safe,...
Dynamic Application Security Testing (DAST): How Safe is Your Application in Action?
In the world of software security, understanding how your application behaves in real-world conditions is critical. Dynamic Application Security Testing (DAST) is designed to do exactly that: it tests your running application for vulnerabilities by simulating attacks....
Software Composition Analysis (SCA): How secure are the dependencies?
This post discusses Software Composition Analysis (SCA), a security test focused on identifying vulnerabilities and licensing issues in third-party libraries and dependencies. It highlights how SCA fits into security testing alongside SAST and DAST, and outlines actions like upgrading, replacing, or patching insecure components to protect your software. Continuous monitoring is emphasized to maintain security over time.
Code Governance and Ownership assessment
Effective code governance and ownership are crucial for the success of any software project. Clear ownership structures, whether at the company, team, or module level, ensure accountability, streamline decision-making, and mitigate risks associated with abandoned or poorly maintained code.
Changes in Risk Levels: What to Expect in Codenteam 1.5
We’re excited to introduce Codenteam 1.5, featuring enhanced risk detection, code analysis, and due diligence across the HR Module, the Investors Hub, External Runs, and the Security modules.
Introducing Codenteam: Your All-in-One Solution for Tech Company Management
Codenteam revolutionizes the way you manage and optimize your codebase. Seamlessly integrating with your existing workflow, our platform analyzes code ownership from various sources, including Git, PRs, and tasks.