software
Mitigating Lurking Threats in the Software Supply Chain
The first step to addressing software supply chain vulnerabilities and threats is to understand the most common attacks. Here's where to start ...
Adventures in Audits, Part One: How Software License Terms Drive Audit Resolution
If your company uses software under a license agreement that gives audit rights to the software vendor—and your company probably does—you may well have an adventure in your future. Vendors do, in ...
SBOMs Can Help You With Compliance, Too
Software bills of materials (SBOMs) are increasingly hitting the news as the federal government focuses on improving the nation’s cybersecurity. President Biden has identified this as a top priority of his administration, ...
Your Vendor’s Vendor Adds Risk to the Open Source Supply Chain
Organizations rely heavily on third-party vendors and contractors. Smart companies will have a service level agreement (SLA) with each vendor which includes information about the vendor’s approach to cybersecurity—in fact, it’s a ...
Augmented Software Engineering in an AI Era
Artificial Intelligence (AI) has been making waves in many industries, and software engineering is no exception. AI has the potential to revolutionize the way software is developed, tested, and maintained, bringing a ...
What are Software Audits and Why are They on the Rise?
Recent years have seen an uptick in software audits, with more companies being asked to provide evidence of licensing compliance. This is largely due to the fact that organizations are now using ...
APIs and the Software Supply Chain: What you need to know
The software supply chain is a concept that refers to the processes and technologies used to manage software products over their lifespan. It's a network of entities involved in the development, distribution, ...
Foundational Activities for Secure Software Development
Follies The Broadway Tower in Worcestershire, England is a famous structure. It’s inspiring, beautiful, and at 62 feet high, like other similar buildings, it’s a folly. While it looks grand inside and ...
Are Vendors Failing in the Face of Open Source Cyberthreats?
Software vendors must understand the implications a breach in open source software might have on their own product or service. In December 2021, for example, a vulnerability was discovered in Log4j, an ...
ICS Security in Healthcare: Why Software Vulnerabilities Pose a Threat to Patient Safety
The lack of healthcare cybersecurity is one of the most significant threats to the sanctity of the global healthcare industry. This is made evident by the fact that in 2020 more than ...
