Blog
All Blog Posts
Why Binary Scanners Increase Cybersecurity Risk
Binary scanners provide security insight if source code is unavailable, but may result in more security risk than they resolve.
Read More
How to Combat CyberSecurity Burnout
Cybersecurity burnout is increasing as incidents escalate. Learn how you can shift your focus from reactive to proactive with managed tools.
Read More
SEC Cybersecurity Disclosure And The Missing Metrics
SEC cybersecurity disclosures need to be based on AppSec, InfoSec and increasingly software supply chain metrics. Learn what they are.
Read More
GitHub’s Malicious Repo Explosion & How to Avoid It
GitHub malware fork bombs poison the software supply chain at the point of source code generation. Learn how to avoid becoming a victim.
Read More
The Problem With Vendor Risk Management For FinServ
Vendor risk management spikes when evaluating the cybersecurity practices of open source authors. Learn how you can better manage their risk.
Read More
How Secure Should Your Python Supply Chain Be?
The security risk appetite for a project evolves over time. Learn how ActiveState's tiered approach reduces risk as requirements evolve.
Read More
It’s Zero Day! Do You Know Where Your Vulnerabilities Are?
Ransomware attacks are increasingly being launched from malware originating in open source ecosystems. Learn what you can do about it.
Read More
Best Practices: Building Dependencies From Source Code Without The Pain
Building open source dependencies from source code is painful, but it's the only way to ensure security. Learn how to automate the process.
Read More
Best Practices: How To Update Your Codebase Without Breaking The Build
Most organizations never update their codebase for fear of breaking the build. Here's how to manage the risk and minimize the cost.
Read More
Best Practices: How to Secure Your Codebase
The best way to avoid remediating vulnerabilities is to start with a non-vulnerable codebase. Learn the best practices for starting secure.
Read More
2023 Software Supply Chain Security Year in Review
2023 was marked by a spike in software supply chain threats, attacks & legislation. We review some of the most significant ones.
Read More
Software Supply Chain Security – ActiveState vs Sonatype
Both Sonatype & ActiveState can secure your software supply chain, but they approach the problem from very different angles. Learn how.
Read More