Build developer trust with faster, accurate AppSec testing from Rapid Scan

Synopsys Rapid Scan helps developers build secure apps with faster, accurate application security testing.
The post Build developer trust with faster, accurate AppSec testing from Rapid Scan appeared first on Software Integrity Blog.

Effective Tools for Software Composition Analysis

Because companies are defined by their customers, we connected with IT Central Station for real user experiences with Sonatype’s Nexus Lifecycle and Nexus Firewall. In our second post in the series, we first looked at the benefits of data quality to Software …

Multi-language SAST and SCA for Android Platforms and Applications

Android is, for most people, a mobile operating system for their phone or tablet. In fact, it’s an extremely successful open source platform in general. It’s common in automobile infotainment systems, set-top boxes and even finds its way into indu…

CVE-2020-35774: twitter-server XSS Vulnerability Discovered

According to its official documentation, “twitter-server” is a Twitter OSS project used to provide a template from which servers at Twitter are built. It provides common application components such as an administrative HTTP server, tracing, stats, and …

Securing the Software Supply Chain Goes Beyond Application Development

In July 2017, one of the biggest data breaches was due to an insecure and out-of-date web application platform. This breach would have been prevented if the Apache Struts platform the web application ran on had the most recent updates applied. Thi…

Apache Unomi CVE-2020-13942: RCE Vulnerabilities Discovered

“Apache Unomi is a Java Open Source customer data platform, a Java server designed to manage customers, leads and visitors’ data and help personalize customers experiences,” according to its website. Unomi can be used to integrate personalization and p…

What the Building In Security Maturity Model (BSIMM) Says About the Role of SAST and SCA

The BSIMM is an annual study of the real-world software security initiatives – “SSIs” in the report – across the software industry, drawing from data and experience from 130 organizations. Rather than repeat the aim of the study, this quote sums it…

It’s Time to Update Your Drupal Now!

As part of our ongoing mission to help organizations develop and deploy more secure software and applications, and in light of Checkmarx’s expanded insight into the open source security landscape with its recently launched SCA solution, the Check…