software supply chain

Getting Physical with Cybersecurity
LAS VEGAS – Security doors and cameras, alarms and biometrics, smart locks and drones, were some of the security device types on display at ISCWest (International Security Consortium West) 2025 at the ...

How SBOMs power secure software acquisition | Sonatype Blog
CISA's Supply Chain Integrity Month reminds us of an undeniable truth about modern software development: transparency in software supply chains is no longer optional. The theme of week 4 is "Transparency: Securing ...

Elevate your organization’s success: Submissions now open for the 2025 Sonatype Elevate Awards
We are thrilled to announce that the 2025 Sonatype Elevate Awards are officially open for submissions ...

Will the FDA Start Banning Chinese-Made Medical Devices?
Interview with Joe Silvia, CEO of MedWare Cyber. In late January, the FDA issued a safety warning on Contec CMS8000 patient monitors and those relabeled as MN-120. The ...

Everything While Training: Lessons on C and C++ Secure Coding Practices with Tanya Janca
In this show, we speak with Tanya Janca, aka SheHacksPurple, a renowned code security trainer with nearly 30 years of experience in application development, engineering, and testing ...

The hidden threat: Tackling malware in your software supply chain
The value of open source is undeniable — 90% of all modern software development depends on it. According to Harvard Business School, in 2024 alone, more than 6 trillion open source software ...

U.S. Bans Software and Firmware Products From Adversarial Countries
In January 2024, U.S. law went into effect that would ban smart cars with Russian and Chinese technology and protect the vehicle supply chain due to concerns about the privacy of consumer ...

Securing multi-environment deployments: Cloud, on-premise, and air-gapped
Modern software delivery makes use of many different deployment environments, from public cloud to private cloud and traditional on-premise data centers to highly secured air-gapped systems. Organizations take advantage of multiple deployment ...

AI Wars Playing Out in Application Attacks and Defenses
Deb Radcliff interviews Bugcrowd founder and white hat hacker, Casey Ellis. As if protecting applications wasn’t tough enough, attackers are now leveraging AI to find and exploit application vulnerabilities faster, outpacing patch ...

Assessing your open source software security efficacy
Open source software has become the foundation of modern application development. With up to 90% of most applications consisting of open source components, organizations — especially in financial services — need to ...