Earlier this week, Chris DeRusha, federal CISO and deputy national cyber director…
Application Security
-
Application Security, Security
U.S. government issues guidance for developers to secure the software supply chain: Key takeaways
by Chris Hughes
Software supply chain attacks are on the rise, as cited in the…
-
DevSecOps firm AutoRabit is trying to address security issues arising from policy…
-
Application Security, Security
8 notable open-source security initiatives of 2022
by Michael Hill
Open-source security has been high on the agenda this year, with a…
-
Application Security, Security
OpenSSF releases npm best practices to help developers tackle open-source dependency risks
by Michael Hill
The Open Source Security Foundation (OpenSSF) has released the npm Best Practices…
-
Application Security, Security
Traceable AI debuts API testing product for its security platform
by Jon Gold
Traceable AI today announced the general availability of xAST, an API security…
-
It seems like just yesterday that the mad scramble following the SolarWinds…
-
Application Security, Security
Vulnerability eXploitability Exchange explained: How VEX makes SBOMs actionable
by Chris Hughes
The fallout of the SolarWinds cybersecurity incident, coupled with Cybersecurity Executive Order…
-
Application Security, Security
SBOM formats SPDX and CycloneDX compared
by Chris Hughes
Software bills of materials (SBOMs) are becoming a critical component of vulnerability…
-
Application Security, Security
How OpenSSF Scorecards can help to evaluate open-source software risks
by Chris Hughes
Everyone knows the phrase “software is eating the world” by Marc Andreessen…