Wicked Good Development: Key Takeaways From the State of the Software Supply Chain Report

By Kadi Grigg on November 17, 2022 Software Supply Chain

3 minute read time

Jump into to these four bonus episodes to find highlights and critical takeaway's from Sonatype's 8th Annual State of the Software Supply Chain Report.
Read More...

Rule Over Your Dependencies and Scan at Your Own Open Source Risk

By Aaron Linskens on September 13, 2022 vulnerabilities

5 minute read time

A good way to make sure that your organization's vulnerabilities don't go unnoticed is conducting regular scans of open source used in your environments.
Read More...

Wicked Good Development Episode 11: Vulnerability Drills - The Intention, Habit, and Impact

By Kadi Grigg on July 01, 2022 Software Supply Chain

27 minute read time

To prepare for the unexpected, check your code and run vulnerability drills to create muscle memory for engineering teams and build better software.
Read More...

Wicked Good Development Episode 10: The Evolution of Supply Chain Attacks

By Kadi Grigg on June 14, 2022 Software Supply Chain

22 minute read time

This episode looks at how fraud detection and supply chain attacks are similar, the data science behind these systems, and developer behavior.
Read More...

A Non-Programmer Introduction to the Software Supply Chain (Electron)

By Luke Mcbride on October 14, 2021 Software Supply Chain

3 minute read time

Connecting the larger use by the software industry of component programs to something most people have on their machine right now: The Electron Framework.
Read More...

White House Releases Executive Order on America's Software Supply Chains

By Derek Weeks on February 25, 2021 secure software supply chain

2 minute read time

Following recent SolarWinds attacks on multiple government agencies, US President Biden calls for comprehensive reviews of software supply chains.
Read More...

DevSecOps In The Age Of Containers

By Curtis Yanko on March 30, 2018 Software Supply Chain

3 minute read time

Containers and automated tools create new opportunities for software supply chains and opensource governance as well as system security. DevSecOps, application and system security are all visible in
Read More...

The Hijacking of a Known GitHub ID: go-bindata

By Brian Fox on February 07, 2018 Software Supply Chain

2 minute read time

the creator of go-bindata deleted their @github account and someone else created a new account under the same name
Read More...

Ann Winblad Reflects: The Rise of Software

By Derek Weeks on January 04, 2018 Software Supply Chain

3 minute read time

Imagine this: the 5 U.S. tech companies are annually investing $60 billion in R&D - close to the non-defense R&D budget of U.S. Government.
Read More...