New roadmap articulates how CISA will enable the secure usage of open source software within the federal government.

A report found that open source maintainers are being asked to take on additional work to meet government and industry standards despite little pay.

State of the Software Supply Chain Report from Sonatype found legacy open source downloads leading to cybersecurity vulnerability exploitation.

Cybersecurity leadership needs to understand the security challenges of open source code to tackle software supply chain security threats.

Legislation seeking to address open source software security risks in the federal government has been introduced.

Application security remains a wide attack vector for cybercriminals, but cybersecurity leaders can use tools to better detect vulnerabilities in their applications and software supply chains.

Much of the focus around Elon Musks’ Twitter takeover has centered around how he will treat free speech on the platform. But, two of his promises may have bigger implications for cybersecurity.

Why is open-source software risky, and how can security organizations protect against open-source exploits? 

The open-source and developer community has adopted Open Policy Agent (OPA) as the de facto standard for authorization. There are three critical ways OPA can help organizations solve for authorization:

By staying on top of open source trends, scanning frequently and working with security counterparts to get the information needed, developers can fix more third-party library flaws faster to develop more secure applications in the future.