open-source-software
Trust At Scale: The Commons, Threats, and AI in the Loop | Sonatype
Dependency management used to be a private embarrassment: an Ant script, a /lib folder, and classpath roulette. You could ship anyway, and the consequences mostly stayed inside your org. ...
Tech Debt and Reliance on Open-Source Security
Open-source software is the cornerstone of most IT platforms and infrastructure. This reliance extends beyond major applications; most software worldwide relies, in part, on even the smallest OSS library that solves a ...
#RediShell: Redis/Valkey Get ‘Perfect 10’ Critical RCE Vuln
Redis hell: CVSS 10.0 remote code execution vulnerability in an in-memory data store that underpins much of the cloud stack. PATCH NOW ...
From Chaos to Control: Establishing an OSPO for Strategic Governance
The rise of open source software during the AI boom presents a dual outlook of unprecedented opportunities and risks. Governance gaps, security vulnerabilities, and compliance challenges can ripple across engineering teams, slowing ...
Joining the FINOS AI security initiative
It's only been four months since I last posted about Sonatype's contributions to the open source security ecosystem — not too bad! ...
Beyond open vs. closed: Understanding the spectrum of AI transparency
Artificial intelligence (AI) is transforming industries, from software development to cybersecurity. But as AI adoption grows, so does the discussion around its accessibility and transparency. Unlike traditional software, where the concept of ...
The Role of Open-Source Software in Enterprise Security
Open-source software fosters collaboration and transparency, leading to quicker vulnerability fixes. Open-source software offers a cost-effective alternative to proprietary solutions, without compromising on security. Live patching in Linux enhances enterprise security by ...
Cybersecurity Insights with Contrast CISO David Lindner | 8/16/24
Insight #1 A recent study found that chief information security officers (CISOs) are significantly more anxious about the growing complexity of cybersecurity than their chief information officer (CIO) and chief technology officer ...
5 Questions to Ask About Open-Source Software in the Wake of XZ
As the XZ backdoor attack shines a spotlight on the security of open-source software, here are 5 questions to help you gauge the risk. ...
The overview effect: Two decades of unique perspective
Based on data from 2023, just under 700 people have made the (sometimes) dangerous journey to space and seen our planet in a different light. Astronauts often write about their experiences in ...