Securing the Open Source Software Supply Chain
Recent findings from SonarSource security researchers showed several security vulnerabilities in popular package managers including…
Browsing: supply chain
3 Tips for Improving the Health and Safety of the Open Source Software Supply Chain
As part of Solutions Review’s Premium Content Series, a collection of columns written by industry…
4 Common Misunderstandings About Enterprise Open Source Software
The sophistication with which organizations approach business open-source — commercially supported enterprise software created using…
5 Common Misunderstandings About Enterprise Open Source Software
The sophistication with which organizations approach business open-source — commercially supported enterprise software created using…
Log4j highlights continued cyber risk of free and open source software: Moody’s
Diving Brief: Security vulnerabilities in free and open source software (FOSS) will be a recurring…
Securing open source software is expensive • The Register
Column Open source software has always been more secure than proprietary software, but that doesn’t…
Alpha-Omega Project Takes Human-Centric Approach to Open Source Software Security
The Log4j vulnerability crisis that erupted in late 2021 heightened the world’s security awareness of…
Sonatype, which secures open source code, prepares its IPO
Missed a Future of Work Summit session? Head over to our Future of Work Summit…
Open-source code: how to stay safe while evolving rapidly
Open source has transformed the software world, dramatically reducing the cost of introducing new technologies…
Are we ready for open source software in safety-critical embedded systems?
In recent years, the introduction of open source software in security-critical applications has emerged as…
Log4j Lesson: Improvements in Open Source Software Need Federal Help
While much of this software is written by employees of tech companies whose products are…
New Years Eve threatened: Government website unable to send rapid tests
Lateral flow tests not available for home delivery for a second day in a row…
Professional open source software management
The OSS Good Governance Manual is intended as a guide for companies that promotes the…
What the Internet Bug Bounty Teaches About Open Source Software Security
The HackerOne security platform recently announced the latest version of its Internet Bug Bounty (IBB)…
Securing Open Source Code Supply Chains Can Help Prevent the Next Big Cyber Attack
The supply chain attack on SolarWinds at the end of last year sent shock waves…
MENA Bus and Coach Market, By Length, By Application By
New York, November 22, 2021 (GLOBE NEWSWIRE) – Reportlinker.com announces the publication of the report…
Software composition analysis: how it identifies the risks associated with open source software
Credit: Elle Aon / Shutterstock Software Composition Analysis (SCA) refers to getting an overview of…
Software composition analysis explained and how it identifies risks associated with open source software
Definition of software composition analysisSoftware Composition Analysis (SCA) refers to getting an overview of the…
Governor Larry Hogan – Official website of the Governor of Maryland
Largest e-commerce port in the United States handles more cars and light trucks than any…
Devsecops Buyer’s Guide: Application Security
As applications have evolved to become more complex and distributed, the security effectiveness of traditional…
Apiiro unveils open source software toolkit to combat dependency confusion attacks
TEL AVIV and NEW YORK, November 9, 2021 / PRNewswire / – Apiiro, the leader…
Apiiro Unveils Open Source Software Toolkit to Combat Confusion of Dependency Attacks | State
TEL AVIV and NEW YORK, November 9, 2021 / PRNewswire / – Apiiro, the leader…
Apiiro Unveils Open Source Software Toolkit to Combat Dependency Confusion Attacks
TEL AVIV and NEW YORK, November 9, 2021 /PRNewswire/ — Apiirothe leader in application risk…
Applying Open Source Software – Help Reduce Electronic Waste?
The Software Freedom Conservancy (SFC) has launched a lawsuit in the United States against smart…
Trojan Source Attack Method May Hide Bugs in Open Source Code
University researchers have published details of a new attack method they call “Trojan Source” that…
Google pledges $ 1 million to protect open source software
Google has pledged to fund a new open source security project hosted by the Linux…
Google offers $ 1 million to secure open source software
Google pledged $ 1 million in funding to the Linux Foundation Open source secure (SOS),…
Google offers $ 1 million to secure open source software
Google pledged $ 1 million in funding to the Linux Foundation Open source secure (SOS)…
Google-backed program will pay developers for open source software security improvements
Few companies are as committed to the cause of open source software as Google LLC,…
Sigstore aims to bridge the trust gap in open source software
One of the great virtues of open source software – that anyone can contribute -…
Google Sponsors OSTIF Security Reviews on Critical Open Source Software
The The Transform Technology Summits begin October 13 with Low-Code / No Code: Enabling Enterprise…
Why open source software supply chain management is worse than you might think
A Sonatype survey also found a 650% year-over-year increase in supply chain attacks targeting upstream…
How open source software drives innovation across industries (VB Live)
DataStax presented It is increasingly clear that open source software (OSS) is a smart bet,…
SPDX becomes a new standard for open source software and security
Supported by many of the world’s largest companies for over a decade, the Software Package…
Checkmarx Acquisition of Dustico Strengthens Open Source Software Supply Chain
The The Transform Technology Summits begin October 13 with Low-Code / No Code: Enabling Enterprise…
Password stealing malware hidden in open source software – what to do
Malicious malware that steals passwords from Google Chrome and can also take screenshots and use…
Open source software can be a security time bomb for businesses
A majority of developers never update a third party Open source libraries after including them…
Securing the open source software supply chain
The wave of supply chain attacks that emerged last year hit some of the largest…
How Security and License Compliance Cultures Can Coexist for Open Source Software Management
Much of contemporary culture stages clashes between opposites. From the trivial (coffee vs tea) to…
Sonatype advances the quality and security of Open Source code
Sonatype today launched an Advanced Development Pack service that highlights the dependencies between open source…
Combat vulnerabilities in open source code
Open source downloads are on track to reach 1.5 trillion in 2020, an all-time high.…
4 best practices for avoiding vulnerabilities in open source code
This year presented even more challenges to ensuring the integrity and security of open source…
Open Source Code: Trojan Horse for Attacks?
On June 2, it was revealed that Octopus Scanner malware had infected at least 26…
GitHub acquires Semmle to improve open source code security
Microsoft-owned open source code repository GitHub has acquired a startup called Semmle that specializes in…
Understand the use of open source code in your business
You might have heard of open source software before, but you probably haven’t considered how…
Open source code is common, potentially dangerous, in enterprise applications
The closure of the Open Source Vulnerability Database this week has posed another security challenge…
Black Duck’s mission: to find unsecured open source code in the enterprise
The open source world tries to be more proactive in protecting its software and protocols,…
In fact, open source code is better: report
Free and open source software such as Firefox, LibreOffice, and Linux are enjoying increasingly widespread…