Research reveals where 95% of open source vulnerabilities lie

New research from Endor Labs offers a view into the rampant but often unmonitored use of existing open-source software in application development and the dangers arising from …

How to assess and mitigate complex supply chain risks

As cyber attackers increasingly look to capitalize on accelerating digitalization that has seen many enterprises significantly increase their reliance on cloud-based solutions …

You can up software supply chain security by implementing these measures

The COVID-19 pandemic has been a driving force in digital acceleration, and it continues to wield its influence in how organizations and their staff embrace work. In the push …

Consumer behaviors are the root of open source risk

Sonatype unveiled its eighth annual State of the Software Supply Chain Report which, in addition to a massive surge in open source supply, demand, and malicious attacks, found …

How supply chain threats will evolve in 2023

Software supply chain risk has grown to be a significant concern for organizations as cyber attackers look to take advantage of the accelerating digitalization that has seen …

AI can help you optimize your supply chain

There are three key questions concerning artificial intelligence (AI) in the supply chain: Where are we today and what are some of the tailwinds driving the implementation of …

Product showcase: Scribe platform’s end-to-end software supply chain security

As software supply chain security becomes more and more crucial, security, DevSecOps, and DevOps teams are more challenged than ever to build transparent trust in the software …

New security concerns for the open-source software supply chain

Open-source software is a critical element of the software supply chain in companies of all sizes, but there are new security concerns for the open-source software supply …

Wolfi Linux provides the control needed to fix modern supply chain threats

There’s been a massive push for supply chain security in the last few years: integrity protection, vulnerability management, and transparency. This push has left …

Open source projects under attack, with enterprises as the ultimate targets

Sonatype has found a massive year-over-year increase in cyberattacks aimed at open source projects. According to early data from Sonatype’s 8th annual State of the …

Wolfi: A Linux undistro with security measures for the software supply chain

Wolfi is a new community Linux undistribution that combines the best aspects of existing container base images with default security measures that will include software …

US government software suppliers must attest their solutions are secure

The Office of Management and Budget (OMB) has issued a memo requiring US federal government agencies to use software that has been built according to secure software …
