Wicked Good Development: Vulnerability Drills - the Intention, Habit, and Impact

By Kadi Grigg on July 01, 2022 Software Supply Chain

27 minute read time

To prepare for the unexpected, check your code and run vulnerability drills to create muscle memory for engineering teams and build better software.

Wicked Good Development: The Evolution of Supply Chain Attacks

By Kadi Grigg on June 14, 2022 Software Supply Chain

22 minute read time

This episode looks at how fraud detection and supply chain attacks are similar, the data science behind these systems, and developer behavior.

A Non-Programmer Introduction to the Software Supply Chain (Electron)

By Luke Mcbride on October 14, 2021 Software Supply Chain

3 minute read time

Connecting the software industry's wider use of component programs to something most people have on their machine right now: the Electron framework.

White House Releases Executive Order on America's Software Supply Chains

By Derek Weeks on February 25, 2021 secure software supply chain

2 minute read time

Following recent SolarWinds attacks on multiple government agencies, US President Biden calls for comprehensive reviews of software supply chains.

What 36,000 OSS Projects and 12,000 Commercial Dev Teams Taught Us About Secure Coding Practices

By Derek Weeks on June 25, 2019 Software Supply Chain

2 minute read time

Our 2019 State of the Software Supply Chain Report reveals best practices from 36,000 OSS dev teams and 12,000 commercial software engineering teams.

DevSecOps In The Age Of Containers

By Curtis Yanko on March 30, 2018 Software Supply Chain

3 minute read time

Containers and automated tools create new opportunities for software supply chains and open source governance as well as system security. DevSecOps, application and system security are all visible in

The Hijacking of a Known GitHub ID: go-bindata

By Brian Fox on February 07, 2018 Software Supply Chain

2 minute read time

The creator of go-bindata deleted their @github account and someone else created a new account under the same name.

Ann Winblad Reflects: The Rise of Software

By Derek Weeks on January 04, 2018 Software Supply Chain

3 minute read time

Imagine this: the 5 U.S. tech companies are annually investing $60 billion in R&D - close to the non-defense R&D budget of U.S. Government.

Struts2 Vulnerability Cracks Equifax

By Derek Weeks on September 09, 2017 Software Supply Chain

3 minute read time

Equifax breach of 143 million consumer records linked to Struts2 open source vulnerability.