STMicroelectronics Integrates Black Duck SCA and Coverity for Automated SBOM Generation and Enhanced Software Security

Core Insights
- Black Duck Software has partnered with STMicroelectronics to enhance software security practices through the implementation of Software Composition Analysis (SCA) and Coverity Static Analysis [1][5].

Group 1: Implementation and Benefits
- STMicroelectronics has successfully automated the generation of Software Bills of Materials (SBOMs) for its STM32U3 microcontroller using Black Duck SCA, which reinforces software security [2][4].
- The collaboration allows STMicroelectronics to create standardized, machine-readable SBOMs, thereby improving compliance with the European Cyber Resilience Act (CRA) [4][5].

Group 2: Regulatory Compliance and Security Strategy
- The enactment of the CRA has increased the necessity for organizations to produce SBOMs and disclose vulnerabilities, prompting companies to adopt solutions like those offered by Black Duck [3].
- Black Duck's portfolio, including SCA and Coverity, helps organizations manage open-source risks and align with evolving regulatory requirements, enhancing their cybersecurity strategies [3][5].

Group 3: Industry Recognition
- Black Duck has been recognized as a leader in application security testing, being a seven-time Leader in the Gartner Magic Quadrant for Application Security Testing and a four-time Leader in the Forrester Wave for Software Composition Analysis [4].