How a Software Bill of Materials Uncovers Known Vulnerabilities
3 minute read time
How a Software Bill of Materials Uncovers Known Vulnerabilities
Read More...
[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management
4 minute read time
[Part 3] Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...
[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management
5 minute read time
[Part 2] Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...
Code, Cars, and Congress: A Time for Cyber Supply Chain Management (1 of 3)
5 minute read time
Code, Cars, and Congress: A Time for Cyber Supply Chain Management
Read More...
Talking Turkey in Texas: Open Source Governance Lags
3 minute read time
Talking Turkey in Texas: Open Source Governance Lags
Read More...
CIO.com: Helping Developers Reduce Open Source Risk
1 minute read time
CIO.com: Helping Developers Reduce Open Source Risk
Read More...
Bash 2014 - This Is Not a Party
2 minute read time
I can honestly say that although referred to by the media as Shellshocked, I am neither shocked nor awed. I can’t say that I am a fan of the latest glorification of bugs like Heartbleed and
Skeleton Key
2 minute read time
A skeleton key is capable of opening any lock regardless of make or type. Do you know anyone who has one? I do. Lots of them. At the HP Protect conference last week in Washington DC, the theme of
Read More...
11,000 Voices
2 minute read time
This week, I will be attending AppSec USA in Denver with the rest of our Sonatype crew. While it will be my first time attending the event, I am really excited to be leading a panel discussion at the