Sonatype Archives - Help Net Security

Sonatype

Open source cyberattacks increasing by 650%, popular projects more vulnerable

September 17, 2021

Sonatype released a report that revealed continued strong growth in open source supply and demand dynamics. Further, with regard to open source security risks, the report …

Saltworks collaborates with Bit Discovery to provide ASM capabilities to application security teams

August 4, 2021

Saltworks announced a partnership with attack surface management (ASM) provider Bit Discovery to integrate advanced ASM capabilities into SaltMiner, Saltworks’ enterprise …

OpenSSF adds new members from around the globe to improve OSS security

July 31, 2021

OpenSSF announced new membership commitments to advance open source security education and best practices. New members include Accurics, Anchore, Bloomberg Finance, Cisco …

36% of organizations suffered a serious cloud security data leak or a breach in the past year

July 27, 2021

As cloud adoption accelerates and the scale of cloud environments grows, engineering and security teams say that risks—and the costs of addressing them—are increasing. The …

Siren partners with SECTION6 to strengthen its presence in the APAC region

June 9, 2021

Siren announced a new partnership agreement with Auckland-based SECTION6, a consultancy which specialises in optimising the delivery and operation of critical IT solutions …

TCG’s security guide verifies the trustworthiness of each end point

May 20, 2021

IT administrators and manufacturers can now secure enterprise computing, with the latest specification from the Trusted Computing Group (TCG). This new guide verifies the …

Saltworks partners with Secure Code Warrior on secure coding for DevOps

March 23, 2021

Saltworks announced a partnership with Secure Code Warrior to elevate the importance and accessibility of secure code education and skills development. By helping developers …

Vulnerable TCP/IP stacks open millions of IoT and OT devices to attack

December 9, 2020

Forescout researchers have discovered 33 vulnerabilities affecting four open source TCP/IP (communications) stacks used in millions of connected devices worldwide. …

Surge in cyber attacks targeting open source software projects

August 13, 2020

There has been a massive 430% surge in next generation cyber attacks aimed at actively infiltrating open source software supply chains, Sonatype has found. Rise of next-gen …

Happy developers more likely to build secure apps

April 8, 2020

There’s an intrinsic link between developer happiness and application security hygiene, and an alarming level of application breaches, according to Sonatype. For the …

The use of open source software in DevOps has become strategic for organizations of all sizes

September 19, 2019

A higher percentage of top performing teams in enterprise organizations are using open source software, according to a survey conducted by DevOps Research and Assessment …

1 in 10 open source components downloaded in 2018 had a known security vulnerability

June 26, 2019

This year’s Sonatype report reveals the best practices exhibited by exemplary open source software projects and commercial application development teams. As in years past, it …

Sonatype

Open source cyberattacks increasing by 650%, popular projects more vulnerable

Saltworks collaborates with Bit Discovery to provide ASM capabilities to application security teams

OpenSSF adds new members from around the globe to improve OSS security

36% of organizations suffered a serious cloud security data leak or a breach in the past year

Siren partners with SECTION6 to strengthen its presence in the APAC region

TCG’s security guide verifies the trustworthiness of each end point

Saltworks partners with Secure Code Warrior on secure coding for DevOps

Vulnerable TCP/IP stacks open millions of IoT and OT devices to attack

Surge in cyber attacks targeting open source software projects

Happy developers more likely to build secure apps

The use of open source software in DevOps has become strategic for organizations of all sizes

1 in 10 open source components downloaded in 2018 had a known security vulnerability

Don't miss

Released: MITRE ATT&CK v10

New infosec products of the week: October 22, 2021

CDR: The secret cybersecurity ingredient used by defense and intelligence agencies

Embracing secure hybrid work with four foundational IT controls

Fraud never sleeps: Why biometrics is essential for effective fraud prevention