Beyond npm Audit to Traverse an Increasingly Complex Dependency Tree

If you’ve been immersed in the Node.js/JavaScript community for a while, or even if you are just getting started, you are likely using npm audit to scan package dependencies in your projects. It’s easy to stumble upon as part of the ubiquitous npm,…

Gartner: You Must Assess Overall Software Health and Welfare

Gartner’s recent report, Technology Insight for Software Composition Analysis, makes four open-source security recommendations that companies should think about when determining what type of software composition analysis program they want to …

Nexus Lifecycle Now Integrates with Azure DevOps to Secure Software Supply Chains in the Cloud

As more and more software development teams move to the cloud, it is now more important than ever to ensure that only the best open source components make it into a final application. With a 71% increase in open source related breaches within the …