How a Software Bill of Materials Uncovers Known Vulnerabilities

3 minute read time


[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management

4 minute read time


[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management

5 minute read time


Code, Cars, and Congress: A Time for Cyber Supply Chain Management (1 of 3)

5 minute read time


Talking Turkey in Texas: Open Source Governance Lags

3 minute read time


CIO.com: Helping Developers Reduce Open Source Risk

1 minute read time


Bash 2014 - This Is Not a Party

2 minute read time

I can honestly say that although referred to by the media as Shellshocked, I am neither shocked nor awed. I can’t say that I am a fan of the latest glorification of bugs like Heartbleed and


Skeleton Key

2 minute read time

A skeleton key is capable of opening any lock regardless of make or type. Do you know anyone who has one? I do. Lots of them. At the HP Protect conference last week in Washington DC, the theme of

11,000 Voices

2 minute read time

This week, I will be attending AppSec USA in Denver with the rest of our Sonatype crew. While it will be my first time attending the event, I am really excited to be leading a panel discussion at the
