Tag: Software Supply Chain
Proactive Dependency Management: Reducing Risk and Improving Software Quality
Managing dependencies isn’t just best practice, it is an essential ongoing process. Implement these strategies in your projects to stay ahead of potential issues and ensure your software remains reliable, secure and ...
Learning From SpaceX: How the Space Industry’s Transformation can Inspire DevOps in Software Development
In recent years, the space industry, much like software development, has experienced rapid transformation. SpaceX has revolutionized space launches with its use of reusable rockets and innovative suppliers ...
Endor Labs Adds Analytics and Patching Tools to Secure Open Source Software
Endor Labs today at the Black Hat USA 2024 conference revealed it has added an ability to determine how challenging it might prove to be to upgrade an open source software package, ...
Survey Surfaces Troubling Signs of Software Supply Chain Insecurity
A survey of software engineering professionals has uncovered disconcerting signs of software supply chain insecurity ...
Report Surfaces Thousands of Potential Vulnerabilities in GitHub Workflows
An analysis of 2.5 million GitHub Actions workflow files belonging to 553,000 organizations and personal users surfaces thousands of potential vulnerabilities ...
ReversingLabs Applies AI to Better Secure Application Binaries
ReversingLabs launched a binary analysis tool that uses machine learning algorithms to identify risks before and after apps are deployed ...
Veracode Report Shines Spotlight on Massive Application Security Debt
In an analysis of more than a million applications, Veracode found 42% contained flaws that remained unfixed for longer than a year ...
OpenText Extends Tool for Auditing Source Code Using Machine Learning
OpenText updated a static analysis code auditing tool using machine learning algorithms to provide deeper insights into on-premises IT environments ...
Synopsys Report Sees Steady Application Security Gains
An analysis of the security automation practices of 130 organizations published by Synopsys suggests significant progress toward securing software supply chains ...
Lineaje Allies With Persistent Systems on Open Source Software Remediation Service
Lineaje and Persistent Systems are providing a managed service for remediating open source vulnerabilities that leverages AI technologies ...
CISA, NSA Issue Supply Chain Security Guidance Report
The NSA, ODNI and CISA have issued guidance to assist software developers and suppliers in shoring up software integrity and security ...
Survey Surfaces Software Supply Chain Security Challenges
While there is general agreement on the importance of software supply chain security, there is a significant disconnect on how to achieve that goal ...