NIST: Adopt a Secure Software Development Framework (SSDF) to mitigate risk of software vulnerabilities

2 minute read time

NIST recommends a SSDF framework to assess open source component cybersecurity risks, including an SBOM and automated security controls in the SDLC.
Read More...

Federal DevSecOps Leaders: It's Time to Join The Conversation

3 minute read time

The DevSecOps Government Leadership Forum, typically hosted in Washington, D.C., will be hosted online so government leaders everywhere can participate.
Read More...

NIST Proposes Standards to Secure Government SDLC

3 minute read time

NIST has proposed a set of standards to address the growing need for better software security. Public comment is open until August 5, 2019.
Read More...

Cybersecurity Improvement Act of 2017:  The Ghost of Congress Past

2 minute read time

A steady breeze is blowing from Washington DC that is nudging the software industry toward a future in which vendors will no longer be immune to liability.
Read More...

How a Software Bill of Materials Uncovers Known Vulnerabilities

3 minute read time

How a Software Bill of Materials Uncovers Known Vulnerabilities
Read More...

Talking Turkey in Texas: Open Source Governance Lags

3 minute read time

Talking Turkey in Texas: Open Source Governance Lags
Read More...

42,000 Nexus Repository Managers, and Growing!

6 minute read time

42,000 Nexus Repository Managers, and Growing!
Read More...

CIO.com: Helping Developers Reduce Open Source Risk

1 minute read time

CIO.com: Helping Developers Reduce Open Source Risk
Read More...

How Big is a Billion? Open Source Growth Skyrockets

2 minute read time

How Big is a Billion? Open Source Growth Skyrockets
Read More...