ThreatMapper Integrates with AWS Security Hub for Improved Security Observability

We’re excited to announce a new integration with AWS Security Hub at the 2022 AWS re:Invent conference. Deepfence ThreatMapper is a rapidly growing and widely adopted open-source Cloud Native Application Protection Platform (CNAPP) ...

Top 4 Kubernetes Open Source Tools You Need in 2023

It’s wild to think that 2022 is wrapping up and that many of us are prepping for what’s next in 2023. As the new year fast approaches, it’s time to consider what ...

AWS Karpenter Readiness: 6 Ways to Make Sure You’re Ready for the Move

For people familiar with Kubernetes, you already know that it has many configurations available, either to scale or to perform better. In the past, most organizations used the cluster-autoscaler from Kubernetes to ...

Critical Infrastructure’s Open Source Problem

Open source has a security problem, and that could have real-world impact when it affects critical infrastructure. According to research from Synopsys, 78% of code in codebases is open source, and 81% ...
Security Boulevard

Gov’t Adds Open Source Security to Software Supply Chain

The federal government is stepping up to protect the software supply chain. Last year, President Biden signed an executive order to improve national cybersecurity and bring better protection to federal government networks ...
Security Boulevard

Perception Versus Reality: a Data-Driven Look at Open Source Risk Management

On October 18th, 2022, Sonatype published the 8th Annual State of the Software Supply Chain. The report is our ongoing contribution to a growing body of knowledge and software development using third-party ...

Open Source Basic Practices for Higher Quality Code to Fundamentally Strengthen Your Project

Sonatype has partnered with the Cloud Native Computing Foundation (CNCF) for Security Slam, an event to help improve the security of open source projects. To extend the value of this event, we ...

Stopping Bots With Sliceline Machine Learning

Cybersecurity Data Scientist Antoine de Daran reveals how the sliceline open-source ML package helps DataDome stop bots ...

Malware, Ransomware, IoT Pose Major IT Security Challenges

More than 4 billion malware attempts were recorded globally so far in 2022, while year-to-date ransomware attempts have already exceeded full-year totals from four of the last five years. These were among ...
Security Boulevard

GitHub Flaw Underscores Risks of Open Source, RepoJacking

A GitHub vulnerability was recently discovered that lets attackers seize control of a GitHub repository and infect all the applications and code that depend on it with malicious code. This vulnerability is ...
Security Boulevard