Why Software Composition Analysis (SCA) Demands Precision

As leaders in software composition analysis (SCA), we know its role throughout today’s software supply chain.
SCA was born out of necessity. How else could innovators discover, identify, and track open source software (OSS) components within…

Using Process Oriented Design (POD) to Increase the Dependability of DevOps Processes

For many users, software isn’t really appreciated until something breaks. Constant availability is an expectation, but of course 100% availability isn’t a reality. When high-profile systems like Netflix or AWS have outa…

A World of Infinite Choice in Open Source Software

We recently released the fifth annual State of the Software Supply Chain Report in London. This year, we worked with Gene Kim and Dr. Stephen Magill to examine our largest data sample ever. Our goal? To qualify and quantify how exemplary developme…

GDPR Gets Teeth: British Airways and Marriott Fined

Yesterday the UK’s Information Commissioner’s Office proposed a record-setting fine under GDPR of £183 million for British Airways, followed by today’s announcement of a proposed £99 million fine for Marriott International follow…

Anonymous Access In Nexus Repository is Not A Zero-Day Vulnerability

In March, a researcher from Twistlock contacted us about two issues he identified, stemming from user access settings. As with any disclosure, we immediately looked into it.

What 36,000 OSS Projects and 12,000 Commercial Dev Teams Taught Us About Secure Coding Practices

After ten months of research, which involved studying 36,000 open source software projects, 12,000 enterprise development teams, and 3.7 million open source releases, we are pleased to announce the arrival of the 2019 State of the Software Supply C…

The Marriott Data Breach: 5 Vital Takeaways to Keep Your Business Safe

To recap one of the major events in 2018: the compromise of 500 million customer records from the Starwood Hotels and Resorts guest reservation database shocked and dismayed industry leaders, lawmakers and consumers alike. Not only was t…

What’s The Value Of Your Data? And How Can You Protect This Asset?

Late in the autumn of 2016, Microsoft announced that its acquisition of LinkedIn had been finalized for a price of $26.2 billion. The deal attracted a great deal of scrutiny from investors, and attention from commentators, who calculated that…