Need help with Python 2.7 Extended Lifecycle Support? GitHub Flooded with Malware
GitHub becomes weakest link in the software supply chain. Learn what you can do about it.
Read MoreActiveState Blog
- All Categories
- AI
- AppSec Tools
- artifact repository
- CI/CD
- data analysis
- dependency management
- Dependency resolution
- Dependency Vendoring
- DevOps
- DevSecOps
- indemnification
- Machine Learning
- Open Source Languages
- Perl
- Polyglot
- Python Programming
- Ruby Programming
- SBOMs
- SCA Tools
- Security & Compliance
- SLSA
- Software Attestations
- Supply Chain Security
- Tcl
- web developers
Top 10 Malicious Package Scanners
Learn the top tools for detecting malware & typosquatting as well as countering dependency confusion in open source dependencies.
Read MoreHow to Prevent Dependency Confusion
Learn the simple best practices you can implement to mitigate the risk of dependency confusion supply chain attacks.
Read MoreHow to De-risk Unavailable Software Dependencies – Lessons Learned
Learn how to prevent broken software when an open source dependency you rely on disappears from its public repository.
Read More
Why DevOps Leaders Should Understand and Prioritize SLSA
SLSA’s best practices help secure your software supply chain, but they can be costly to implement. Learn about cost-effective alternatives.
Read More
Python 3.11 Breaks Speed Barriers
Python 3.11 offers a 25% speed boost without changing a single line of code. Learn how you Python applications can benefit.
Read More
The “low hanging fruit” approach to software supply chain security
Learn about the Open Source Security Foundation’s top recommendations toward better open source supply chain security for ISVs.
Read More
Trust, Security and the Reproducibility Crisis in Software
Reproducibility is a crisis in many scientific fields. Learn how cost-effective software reproducibility can help solve the crisis.
Read More
How to Immunize Your Software Supply Chain From End To End
It’s no longer a question of whether you’ll be affected by a supply chain attack, but when and how badly. Manage the risk by shifting left the right way. Here’s how.
Read More
The Software Industry’s Supply Chain Security – Poor, Average or Excellent?
Understand how your security implementation stacks up against your peers, and how you can decrease software supply chain security risk.
Read More
Maintain or Migrate? The Python 2 Migration Conundrum in 2022
Should you maintain your Python 2 codebase or migrate to Python 3? You might not have a choice. Here’s why.
Read More
5 key open source lessons from the past year
Planning for 2022? Here are the key lessons we learned in open source in 2021 that you need to take into account.
Read More