ActiveState Blog

How to Manage Programming Language Upgrades and EOL

Dana Crane | Last Updated: August 11, 2022 | End of Life, EOL, EOL support, Open source programming languages, Programming language upgrades
Learn how to reduce the costs of upgrading open source languages, as well as best practices when a programming language becomes EOL....

GitHub Flooded with Malware

Dana Crane | Last Updated: August 8, 2022 | dependency confusion, github, malware, supply chain security, typosquatting
GitHub becomes weakest link in the software supply chain. Learn what you can do about it....

Top 10 Malicious Package Scanners

Mike Mackrory | Last Updated: August 4, 2022 | Black Duck, BluEye, dependency confusion, Loki, malware, Nexus Firewall, Pypi-scan, RetireJS, SonarQube, supply chain security, Tidelift, typosquatting, upguard
Learn the top tools for detecting malware & typosquatting as well as countering dependency confusion in open source dependencies....

How To Detect Typosquatting With Python

Vince Power | Last Updated: August 4, 2022 | artificial intelligence, machine learning, python programming, typosquatting, typosquatting detector
Learn how to detect typosquatted packages before you import them by following along with this Python ML tutorial....

How to Prevent Dependency Confusion

Dana Crane | Last Updated: July 21, 2022 | dependency confusion, dependency vendoring, secure build service, supply chain security
Learn the simple best practices you can implement to mitigate the risk of dependency confusion supply chain attacks....

How to De-risk Unavailable Software Dependencies – Lessons Learned

Dana Crane | Last Updated: July 14, 2022 | atomicwrites, dependency vendoring, leftpad, pypi, software dependency availability, supply chain security
Learn how to prevent broken software when an open source dependency you rely on disappears from its public repository....

How Reproducible Builds Foster Security

Dana Crane | Last Updated: July 7, 2022 | reproducible builds, SLSA, Supply chain levels for Software Artifacts, supply chain security
Reproducible builds are key to security, but expensive to set up and maintain. Learn how to get secure reproducible builds without the costs....

How Software Bill Of Materials (SBOMs) Support Secure Development

Dana Crane | Last Updated: July 3, 2022 | License compliance, SBOM, Software bill of materials, Software Package Data Exchange, SPDX, supply chain security
Programmatic generation of SBOMs is an emerging requirement for ISVs to allow them and their customers to assess software risk....

Why DevOps Leaders Should Understand and Prioritize SLSA

Jeff Aboud | Last Updated: June 28, 2022 | dependency vendoring, devops, SLSA, software supply chain security, Supply chain levels for Software Artifacts, supply chain security
SLSA's best practices help secure your software supply chain, but they can be costly to implement. Learn about cost-effective alternatives....

Python 3.11 Breaks Speed Barriers

Dana Crane | Last Updated: June 17, 2022 | python, Python 3.11, python programming
Python 3.11 offers a 25% speed boost without changing a single line of code. Learn how your Python applications can benefit....