Our Blog Posts

Featured Blog

Disinformation Is An Open Source Problem

The Oxford dictionary defines disinformation as “false information which is intended to mislead.” That simple definition seems to understate the problem, given the fact that ...
All Blog Posts
It’s Zero Day! Do You Know Where Your Vulnerabilities Are?
Ransomware attacks are increasingly being launched from malware originating in open source ecosystems. Learn what you can do about it.
Best Practices: Building Dependencies From Source Code Without The Pain
Building open source dependencies from source code is painful, but it's the only way to ensure security. Learn how to automate the process.
Best Practices: How To Update Your Codebase Without Breaking The Build
Most organizations never update their codebase for fear of breaking the build. Here's how to manage the risk and minimize the cost.
Best Practices: How to Secure Your Codebase
The best way to avoid remediating vulnerabilities is to start with a non-vulnerable codebase. Learn the best practices for starting secure.
2024 New Year’s Cybersecurity Resolutions
The US government has begun prosecuting software vendors with lax cybersecurity controls. Learn how to conquer your bad security habits.
From Zero Days to Heroic Plays – 2023 a Year in Review
As we reflect on the software landscape of 2023, the overarching theme that defined the year was the growing emphasis on securing the software supply ...
2023 Software Supply Chain Security Year in Review
2023 was marked by a spike in software supply chain threats, attacks & legislation. We review some of the most significant ones.
Software Supply Chain Security – ActiveState vs Sonatype
Both Sonatype & ActiveState can secure your software supply chain, but they approach the problem from very different angles. Learn how.
Software Supply Chain Security for CI/CD Pipelines
Supply chain security concerns in the build process have been growing since the SolarWinds hack way back in December 2020. That incident compromised SolarWinds’ software ...
Perl Zero Day Security Threats
The Perl Steering Committee has recently identified and patched two new major vulnerabilities that affect the Perl core, both of which make it possible for ...
The Role of Repositories in Software Supply Chain Security
Repositories bracket either end of the software supply chain for most organizations in the software industry, providing the means to store imported software assets at ...
Exploring K Means Clustering in Big Data Using Python
As data volumes continue to expand exponentially in various scientific and industrial sectors, clustering has become an essential big data analysis technique. It helps generate ...