
What is a Software Bill of Materials (SBOM)?

By Justin Reynolds on September 27, 2021 | software bill of materials
A deep dive into a Software Bill of Materials with top use cases, benefits, and ways to manage.

How Does Securing the Software Supply Chain Fit the DoD CIO Zero Trust Architecture?

Curious how the DoD Zero Trust Architecture relates to secure development and protecting your software supply chain? We're breaking that down for you.

SBOM – From the Idea of Transparency to the Reality of Code

Allan Friedman from the NTIA has been working on SBOM standards in government and industry for years. He spoke at ELEVATE 2021 about their status and future.

Biden Executive Order on Cybersecurity Calls for Enhanced Software Supply Chain Security

Biden's Cybersecurity Executive Order mandates software supply chain security and secure development practices, including creating a software bill of materials for all applications.

Using a Software Bill of Materials (SBOM) is Going Mainstream

Crazy: OWASP A9 is about to turn seven, and the DevSecOps Community Survey shows fewer than half of organizations can produce a Software Bill of Materials.

Why You Need a Software Bill of Materials More Than Ever

By Katie McCaskey on December 05, 2019 | software bill of materials
Enterprises need to know what open source components are in their software at all times. If you don't have a software bill of materials, you're already behind.

US Energy and Commerce Committee: 6 Strategies for Modern Cybersecurity Risks

By Ilkka Turunen on December 18, 2018 | software bill of materials
On the 12th of December, the Subcommittee on Oversight and Investigations released an additional report identifying the core strategies organisations can take to address modern cybersecurity risks.

WSJ on Struts: Companies Still Downloading Flaw Linked to Equifax Breach

The Wall Street Journal discusses open-source governance, Struts, and how companies are still downloading the flaw that led to the Equifax breach.

Eight More Struts Breaches

When using vulnerable versions of the framework, organizations are breached. Everyone knows the Equifax story, but for folks like me who have been paying closer attention, the story also includes the