Featured Article
Introducing our 9th annual State of the Software Supply Chain report
Part 2 - [ ________ ] is the Best Policy
3 minute read time
Part 1 - [ ________ ] is the Best Policy
3 minute read time
Outnumbered, Again
3 minute read time
I remember it clearly. Sitting down for breakfast, I opened the Sydney Morning Herald to see the latest headlines in Australia for the day. As I shuffled through the paper, I finally landed upon the
Two AppSec Questions Always Asked
4 minute read time
While Repository Health Checks are valuable, we just released something even better: the CLM 1.11 Dashboard. First of all, it helps you answer the first two critical open source vulnerability
Part 2: The Internet of Everything: Code, Cars, and More
3 minute read time
In part one of my blog, It's Just the Way Software is Made, I discussed the realities of how software is made, the birth of agile development, and the advent of component-based software development.
Trusting Third-Party Code That Can't Be Trusted
2 minute read time
Paul Roberts (@paulfroberts) at InfoWorld recently shared his perspective on “5 big security mistakes coders make”. First on his list was trusting third-party code that can’t be trusted. Paul shares:
Part 3: The Internet of Everything: Code, Cars, and More
3 minute read time
In part two of my blog 'A Closer Look at Today's Software Supply Chain', I discussed why human-speed supply chain management can’t keep pace with today’s agile software development practices and why
Are You Choosing the "Right" Component?
4 minute read time
In our recent open source developer survey we asked, what are the TOP FOUR characteristics considered when selecting a component? And since components are the building blocks used when creating an
Part 1: The Internet of Everything: Code, Cars, and More
3 minute read time