open source risk management

Managing Open Source Software Risks With the HeroDevs EOL Dashboard

Managing Open Source Software Risks With the HeroDevs EOL Dashboard

| | dashboard, dependencies, open source, open source risk, open source risk management, risk management, secure software supply chain, Sonatype Lifecycle
Modern software delivery runs on open source. But as dependency graphs expand and application lifecycles stretch across years, end-of-life (EOL) components are becoming a structural security challenge ...
2024 Sonatype Blog

Future-Proofing Your Software Supply Chain with SCA Best Practices

| | Application Security, Automation, open source, open source risk, open source risk management, shift left, Software Composition Analysis
Open source software (OSS) is the backbone of modern software development, empowering industries from finance and healthcare to government and technology to innovate faster and reduce costs. However, this widespread adoption brings ...
2024 Sonatype Blog
Zero-day vulnerabilities: A beginner's guide

Zero-day vulnerabilities: A beginner’s guide

| | Log4Shell, open source risk management, open source security risks, Security Vulnerabilities
Note: This article was originally published on The New Stack ...
2024 Sonatype Blog
What is OWASP?

What is OWASP?

| | open source risk management, owasp, software supply chain, Vulnerabilities
The Open Web Application Security Project (OWASP) serves as an invaluable ally for software engineers and application security professionals ...
Sonatype Blog

Open source risk management: Safeguarding software integrity

| | licenses, open source risk management, secure software supply chain, Sonatype Lifecycle, Vulnerabilities
In the constantly shifting terrain of software supply chains, open source software (OSS) fulfills a dual mandate, propelling innovation forward and serving as the cornerstone of operational efficiency ...
Sonatype Blog
Going Online With the OWASP Vulnerability Management Guide Working Group

Going Online With the OWASP Vulnerability Management Guide Working Group

| | DevZone, open source risk management, secure software supply chain, Vulnerabilities
  ...
Sonatype Blog

October is Cyber Security Awareness Month. Developers Are Some of Our Best Guardians.

| | Everything Open Source, open source, open source risk management, open source software supply chain, PCI, Post developers/devops
October is National Cybersecurity Awareness Month (NCSAM). NCSAM is a joint effort between government and industry to raise awareness about cyber threats. This year, NCSAM highlights three areas where cyber security protections ...
Sonatype Blog