open-source-software

Beyond open vs. closed: Understanding the spectrum of AI transparency
Artificial intelligence (AI) is transforming industries, from software development to cybersecurity. But as AI adoption grows, so does the discussion around its accessibility and transparency. Unlike traditional software, where the concept of ...
The Role of Open-Source Software in Enterprise Security
Open-source software fosters collaboration and transparency, leading to quicker vulnerability fixes. Open-source software offers a cost-effective alternative to proprietary solutions, without compromising on security. Live patching in Linux enhances enterprise security by ...

Cybersecurity Insights with Contrast CISO David Lindner | 8/16/24
Insight #1 A recent study found that chief information security officers (CISOs) are significantly more anxious about the growing complexity of cybersecurity than their chief information officer (CIO) and chief technology officer ...
5 Questions to Ask About Open-Source Software in the Wake of XZ
As the XZ backdoor attack shines a spotlight on the security of open-source software, here are 5 questions to help you gauge the risk.

The overview effect: Two decades of unique perspective
Based on data from 2023, just under 700 people have made the (sometimes) dangerous journey to space and seen our planet in a different light. Astronauts often write about their experiences in ...

Sonatype Unveils State-of-the-Art Artificial Intelligence Component Detection
In the rapidly evolving world of software development, the adoption of artificial intelligence (AI) and machine learning (ML) is no longer just a trend—it's a revolution ...
How manufacturing best practices can improve open source consumption and software supply chains
The biggest problem facing software organizations today is an inability to track, monitor, and improve the usage of open source software. This isn’t about security alone. From DevOps to DevSecOps, there are ...
Introducing YaRadare
Deepfence YaRadare (“Ya-Radar”) scans container images, running Docker containers, and filesystems to find indicators of malware. It uses a YARA ruleset to identify resources that match known malware signatures, and may indicate ...

Reachability and Risk: Tools for Security Leaders
By Malcolm Harkins, Bryan Smith, Rob Lundy. Attacker Reachability (or “Attackability”) is a concept in open source software vulnerability management. It’s a way to understand if 1) a vulnerability is present, and 2) Can ...
How to Establish an Open Source Program Office
It feels like some people don’t have a strong understanding of open source. Some misunderstandings have come from working with open source in an environment filled with proprietary software. When the words ...