Fortifying the software supply chain: A crucial security practice
David Close, June 27, 2024
The software supply chain is the backbone of software development. However, the very interconnectedness that makes it efficient also renders it vulnerable to escalating cyber threats.

59% of organizations faced a software supply chain attack
Security Staff, May 16, 2024
59% of organizations experienced a software supply chain attack, with 54% of these respondents having experienced one in the past year.

Stay a step ahead with the missing link in cybercrime defense: OSINT
Michael McLaughlin, April 15, 2024
Adding OSINT-driven threat intelligence to the CISO toolkit can be a game-changer, enabling a proactive approach to cybercrime defenses.

Open source developer tools have won: That’s a supply chain risk
Randall Degges, March 18, 2024
Maintainers of open source developer tools will need to work doubly hard to ensure that they maintain software supply security.

CISA undertakes new efforts to fortify open source ecosystem
Security Staff, March 12, 2024
CISA announces new plans to secure the open source ecosystem.

The average open source vulnerability is 2.5 years old
Security Staff, February 27, 2024
According to a report, nearly 75% of commercial codebases assessed for risk contain open source components impacted by high-risk vulnerabilities.

CISA publishes fact sheet for organizations using open source software
Security Staff, October 13, 2023
Fact sheet released by CISA provides software security challenges and recommendations to improve security and risk management of OSS use.

CISA announces open source software security roadmap
Security Staff, September 15, 2023
New roadmap articulates how CISA will enable the secure usage of open source software within the federal government.

Over half of maintainers unaware of new security standards initiatives
Security Staff, May 2, 2023
A report found that open source maintainers are being asked to take on additional work to meet government and industry standards despite little pay.

Can developers reduce open source cybersecurity risk?
Security Staff, October 24, 2022
State of the Software Supply Chain Report from Sonatype found legacy open source downloads leading to cybersecurity vulnerability exploitation.