Open Source Security
Enhance security with Sonatype Lifecycle and ServiceNow Application Vulnerability Response (AVR) integration
We are excited to announce an innovative partnership that integrates Sonatype's open source software (OSS) security intelligence directly into ServiceNow workstreams. For this partnership, we've launched a new Sonatype and ServiceNow integration ...
Enhance security with Sonatype Lifecycle and ServiceNow Application Vulnerability Response (AVR) integration
We are excited to announce an innovative partnership that integrates Sonatype's open source software (OSS) security intelligence directly into ServiceNow workstreams. For this partnership, we've launched a new Sonatype and ServiceNow integration ...
Open Source Security: How Strobes Integrates Security into Your Dev Workflow
Cloud-native development thrives on open-source software (OSS). It offers readily available, pre-built components that accelerate development lifecycles. However, this very advantage presents a significant challenge for DevSecOps: OSS security vulnerabilities.... The post ...
XZ Utils-Like Takeover Attempt Targets the OpenJS Foundation
The OpenJS Foundation, which oversees multiple JavaScript projects, thwarted a takeover attempt of at least one project that has echoes of the dangerous backdoor found in versions of the XZ Utils data ...
6 Essentials for a Near Perfect Cyber Threat Intelligence Framework
Software developers face a constant barrage of cyber threats that can compromise their applications, data, and the security of their organizations. In 2023, the cyber threat The post 6 Essentials for a ...
Introducing our 9th annual State of the Software Supply Chain report
In our fast-paced digital world, striving for excellence is an ongoing journey marked by the relentless pursuit of innovation, efficiency, and a focus on the essential contributors: the developers. Our 9th annual ...
5 Types of Software Supply Chain Attacks Developers Should Know
What do ambulances in the UK, the Norwegian government, and a major Russian bank have in common? They were all victims of successful supply chain attacks The post 5 Types of Software ...
Top 10 Security Automation Tools
With the increasing threats of cyber attacks, safeguarding sensitive data and digital assets has become one of the key considerations of modern organizations. According to The The post Top 10 Security Automation ...
Open Source Security Incidents and How Organizations Can Respond
Attacks that leverage vulnerabilities in open source software are on the rise. How security teams respond to these incidents is key to what impact they will ultimately have. Oftentimes the attacks stemming ...
Security Teams Need to Address One of the Biggest Software Supply Chain Risks: Open Source
One of the biggest threats to software supply chain security is open source software applications and components. Many enterprises and small businesses have come to rely on open source solutions, and they ...
