The “Sonatype Safety Rating” is generated by our experimental analysis tool and is an aggregate rating designed to estimate the likelihood of an open source project containing security vulnerabilities.
The new report from Coherent Market Insights, titled “Global Software Composition Analysis Market Size, Share, Price, Trends, Growth, Report and
New Jersey, United States - Verified Market Research has recently published a research report t
This week in malware, we discovered and analyzed nearly five dozen packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
How to Become a New Open Source Contributor (Security Boulevard)
Almost a year after the world was shelled by log4, Sonatype’s Steve Poole, a long-time secure code promoter, sounded the alarm regarding the advancement of cyber attacks during his Devoxx talk. Cyberwarfare is a reality, and countries use cyberattacks to fight other countries. More than awareness, t…
Existing software security firms and new startups tackle the tasks of exposing dependencies and helping developers manage their use of open source components.
/PRNewswire/ -- Pluralsight, the technology workforce development company, today launched two new capabilities for its software development intelligence...
In their new roles, Willy Leichter, Jeff Bell, and Mark Bermingham will expand the company’s marketing capabilities.
The guide covers aspects of security such as how to develop secure code, how to verify third-party components, and how to harden the build environment, among other things, but there are some questionable requirements.
This week in malware, we discovered and analyzed more than 100 packages flagged as malicious, suspicious, or dependency confusion attacks in npm and PyPI registries.
The group focuses on utilizing open-source software for malicious purposes
Count Log4Shell among Chinese hackers’ favorite vulnerabilities, federal agencies say in a compilation of top exploits used by Beijing for state-sponsored cyber
Coherent Market Insights offers an overarching research- and analysis-based study, “Global Software Composition Analysis Market Report, History and Forecast 2022-2025, Breakdown Data by Companies, Key Regions, Types and Application”. The report was constructed using a step by ...
Organizations Launch Innovative Security Slam Virtual Event Leading up to KubeCon + CloudNativeCon. Fulton, Md., Oct. 06, 2022 (GLOBE NEWSWIRE) -- Sonatype, the pioneer of software supply chain management, in partnership with The Cloud Native Computing Foundation® (CNCF®), which builds sustainable eco…