Stay a step ahead with the missing link in cybercrime defense: OSINT
Michael McLaughlin, April 15, 2024
Adding OSINT-driven threat intelligence to the CISO toolkit can be a game-changer, enabling a proactive approach to cybercrime defenses.

Open source developer tools have won: That’s a supply chain risk
Randall Degges, March 18, 2024
Maintainers of open source developer tools will need to work doubly hard to ensure that they maintain software supply security.

CISA undertakes new efforts to fortify open source ecosystem
Security Staff, March 12, 2024
The CISA announces new plans to secure the open source ecosystem.

The average open source vulnerability is 2.5 years old
Security Staff, February 27, 2024
According to a report, nearly 75% of commercial codebases assessed for risk contain open source components impacted by high-risk vulnerabilities.

CISA publishes fact sheet for organizations using open source software
Security Staff, October 13, 2023
Fact sheet released by CISA provides software security challenges and recommendations to improve security and risk management of OSS use.

CISA announces open source software security roadmap
Security Staff, September 15, 2023
New roadmap articulates how CISA will enable the secure usage of open source software within the federal government.

Over half of maintainers unaware of new security standards initiatives
Security Staff, May 2, 2023
A report found that open source maintainers are being asked to take on additional work to meet government and industry standards despite little pay.

Can developers reduce open source cybersecurity risk?
Security Staff, October 24, 2022
State of the Software Supply Chain Report from Sonatype found legacy open source downloads leading to cybersecurity vulnerability exploitation.

4 things CISOs need to know about software supply chain security
Kim Lewandowski, October 14, 2022
Cybersecurity leadership needs to understand the security challenges of open source code to tackle software supply chain security threats.

Open source software security act introduced
Security Staff, September 28, 2022
Legislation seeking to address open source software security risks in the federal government has been introduced.