The best way to avoid remediating vulnerabilities is to start with a non-vulnerable codebase. Learn the best practices to starting secure.

The US government has begun prosecuting software vendors with lax cybersecurity controls. Learn how to conquer your bad security habits.

As we reflect on the software landscape of 2023, the overarching theme that defined the year was the growing emphasis on securing the software supply ...

2023 was marked by a spike in software supply chain threats, attacks & legislation. We review some of the most significant ones.

Both Sonatype & ActiveState can secure your software supply chain, but they approach the problem from very different angles. Learn how.

Supply chain security concerns in the build process have been growing since the Solarwinds hack way back in December 2020. That incident compromised Solarwinds’ software ...

The Perl Steering Committee has recently identified and patched two new major vulnerabilities that affect the Perl core, both of which make it possible for ...

Repositories bracket either end of the software supply chain for most organizations in the software industry, providing the means to store imported software assets at ...

As data volumes continue to expand exponentially in various scientific and industrial sectors, clustering has become an essential big data analysis technique. It helps generate ...

Organizations are increasingly concerned with the security of their software supply chain, but have trouble navigating the ever-expanding labyrinth of open source and proprietary software ...

A Software Composition Analysis (SCA) tool provides organizations with three key ways to understand the open source software used within their application: Because open source ...

Software Bill Of Materials (SBOMs) are becoming increasingly important, and even a critical requirement if you’re aUS government vendor  or a  medical device manufacturer. This ...