Skip Navigation

Manage open source risk with improved malware detection

5 minute read time

Malware targeting developers remains a major concern. Learn what your organization can do to keep cybersecurity risks out of your development pipeline.

5 key open source software security risks and how to prevent them

By Luke Mcbride on December 01, 2022 shift left

5 minute read time

An in-depth look at several key open source security and license risks, along with plans and methods to insulate yourself or avoid them entirely.

Malicious Code Injection Strikes Again as npm Foils $13M Cryptocurrency Theft

By Derek Weeks on June 07, 2019 vulnerabilities

2 minute read time

The latest attempt at a cryptocurrency heist demonstrates how open source software components are used throughout the cryptocurrency ecosystem.

House Oversight Report: Equifax Open Source Breach Was Entirely Preventable

By Matt Howard on December 10, 2018 devsecops

3 minute read time

Equifax is not alone. In the last decade, there have been hundreds, if not thousands, of companies have suffered the exact same, easily preventable, mistake.

An Open Discussion on Open Source Review Boards

By Derek Weeks on March 17, 2014 Sonatype Says

1 minute read time

The recent FS-ISAC whitepaper, “Appropriate Software Security Control Types for Third Party Service and Product Providers”, reveals the majority of internal.