How to Manage Programming Language Upgrades and EOL20220811130311
How to Manage Programming Language Upgrades and EOL
Last Updated: August 11, 2022End of Life, EOL, EOL support, Open source programming languages, Programming language upgrades
Learn how to reduce the costs of upgrading open source languages, as well as best practices when a programming language becomes EOL....
GitHub Flooded with Malware20220808111356
GitHub Flooded with Malware
Last Updated: August 8, 2022dependency confusion, github, malware, supply chain security, typosquatting
GitHub becomes weakest link in the software supply chain. Learn what you can do about it....
Top 10 Malicious Package Scanners20220804153726
Top 10 Malicious Package Scanners
Last Updated: August 4, 2022Black Duck, BluEye, dependency confusion, Loki, malware, Nexus Firewall, Pypi-scan, RetireJS, SonarQube, supply chain security, Tidelift, typosquatting, upguard
Learn the top tools for detecting malware & typosquatting as well as countering dependency confusion in open source dependencies....
How To Detect Typosquatting With Python20220728124251
How To Detect Typosquatting With Python
Last Updated: August 4, 2022artificial intelligence, machine learning, python programming, typosquatting, typosquatting detector
Learn how to detect typosquatted packages before you import them by following along with this Python ML tutorial....
How to Prevent Dependency Confusion20220721151717
How to Prevent Dependency Confusion
Last Updated: July 21, 2022dependency confusion, dependency vendoring, secure build service, supply chain security
Learn the simple best practices you can implement to mitigate the risk of dependency confusion supply chain attacks....
How to De-risk Unavailable Software Dependencies – Lessons Learned20220714145605
How to De-risk Unavailable Software Dependencies – Lessons Learned
Last Updated: July 14, 2022atomicwrites, dependency vendoring, leftpad, pypi, software dependency availability, supply chain security
Learn how to prevent broken software when an open source dependency you rely on disappears from its public repository....
How Reproducible Builds Foster Security20220707145301
How Reproducible Builds Foster Security
Last Updated: July 7, 2022reproducible builds, SLSA, Supply chain levels for Software Artifacts, supply chain security
Reproducible builds are key to security, but expensive to set up and maintain. Learn how to get secure reproducible builds without the costs....
How Software Bill Of Materials (SBOMs) Support Secure Development20220703134325
How Software Bill Of Materials (SBOMs) Support Secure Development
Last Updated: July 3, 2022License compliance, SBOM, Software bill of materials, Software Package Data Exchange, SPDX, supply chain security
Programmatic generation of SBOMs is an emerging requirement for ISVs to allow them and their customers to assess software risk....
Why DevOps Leaders Should Understand and Prioritize SLSA20220622181052
Why DevOps Leaders Should Understand and Prioritize SLSA
Last Updated: June 28, 2022dependency vendoring, devops, SLSA, software supply chain security, Supply chain levels for Software Artifacts, supply chain security
SLSA's best practices help secure your software supply chain, but they can be costly to implement. Learn about cost-effective alternatives....
Python 3.11 Breaks Speed Barriers20220616174844
Python 3.11 Breaks Speed Barriers
Last Updated: June 17, 2022python, Python 3.11, python programming
Python 3.11 offers a 25% speed boost without changing a single line of code. Learn how you Python applications can benefit....