ZeroTrustOps: Securing at scale

By Sylvia Fronczak on June 19, 2020 AppSec

5 minute read time

With zero trust, you assume everything on the network is unsafe. You have to check trust explicitly. This stance improves security throughout the SDLC.

Octopus Scanner compromises 26 OSS projects on GitHub

By Brian Fox on May 31, 2020 #OSSsecurity

4 minute read time

The Octopus Scanner malware compromised 26 open source projects hosted on GitHub in a new form of software supply chain attack targeting NetBeans projects.

GDPR and OSS. How Are They Linked and Why Should You Care?

By Ryan Sheldrake on November 29, 2017 Everything Open Source

3 minute read time

GDPR and OSS. How are they linked and why should you care?

Cybersecurity Improvement Act of 2017: The Ghost of Congress Past

2 minute read time

A steady breeze is blowing from Washington DC that is nudging the software industry toward a future in which vendors will no longer be immune to liability.

Vor Security brings OSS Index to Sonatype

By Brian Fox on June 29, 2017 vulnerability

2 minute read time

Vor Security acquisition, extended language coverage, ossindex.net

Heartbleed: The Open Source Vulnerability that Keeps on Giving (and Taking)

By Matt Howard on June 12, 2017 Everything Open Source

2 minute read time

Heartbleed is taking £100,000 from the council more than three years after the fact.

We're a Java shop, we're not going to get hacked...

By Tim OBrien on March 27, 2012 Nexus Repo Reel

3 minute read time

We're a Java shop, we're not going to get hacked...