Tag: Dependency Management
The Risk Profile of AI-Driven Development
Ilkka Turunen | | AI-generated code, AIBOM, autonomous development, autonomous security, challenge bottleneck, CI CD gating, cloud-native security, Dependency Management, GRC engineering, hallucinations, IDE controls, license compliance, machine speed enforcement, OpenSSF Gemara, Outdated Dependencies, policy based dependency selection, prompt level governance, review bottleneck, runtime transparency, SBoM, secure by default, shift left security, Software Supply Chain, threat modeling, transitive dependencies, trusted registries, typosquattingAnalysis arguing that AI-driven code generation accelerates dependency decisions and expands supply-chain risk, requiring shift-left governance, prompt-level controls, automated SBOM/AIBOM visibility, threat-modeling as engineering, and autonomous security to match autonomous development ...
The Hidden Security Risks in Modern JavaScript Frameworks and How React Teams Can Reduce Them
Samuel Ogbonna | | client-side rendering security, client-side vulnerabilities, content security policy, Dependency Management, frontend attack surface, frontend security best practices, input validation, JavaScript dependencies, JavaScript security, JavaScript vulnerabilities, modern JavaScript frameworks, NPM security, React application security, React security risks, secure React development, SPA security, state management security, third-party libraries risk, web application security, XSS attacksReact and modern JavaScript frameworks accelerate development—but hide serious security risks. Learn where vulnerabilities come from and how to reduce client-side attack surfaces ...
Surprise! Everybody Uses AI Tools for Software Development, Few Do So Securely
Teri Robinson | | AI security, AI-generated code, appsec, code security automation, Dependency Management, devsecops, SBoM, secure coding, software supply chain riskAI is generating code faster than teams can secure it, widening software supply chain risk and exposing major gaps in AppSec and governance ...
The Silent Technical Debt: Why Manual Remediation Is Costing You More Than You Think
Bob Shaker | | ActiveState report, continuous remediation, cybersecurity efficiency, Dependency Management, developer productivity, devsecops, engineering performance, innovation tax, intelligent remediation, KubeCon 2025, manual remediation, Mean Time to Remediate, mttr, open source security, remediation debt, security automation, software vulnerabilities, technical debt, transitive dependencies, vulnerability managementManual vulnerability remediation drains time, innovation, and security. Learn how intelligent remediation eliminates hidden technical debt and accelerates DevSecOps ...
Why Nano Updates Only Work if You Begin with the Latest and Greatest Software
Dustin Kirkland | | automated updates, CI/CD, container updates, continuous delivery, continuous improvement, CVE reduction, Dependency Management, devsecops, engineering and security collaboration, legacy modernization, Linux base images, modern software stacks, nano updates, secure development practices, security patching, software hygiene, software maintenance, software updates, technical debt, vulnerability managementIs there a silent threat of technical debt looming in your organization? You probably should take a deeper look. Modern software systems are composed of hundreds of interdependent components. How are you ...
Proactive Dependency Management: Reducing Risk and Improving Software Quality
Justin Young | | dependencies, Dependency Management, devops, open-source components, quality, risk, Software Supply ChainManaging dependencies isn’t just best practice, it is an essential ongoing process. Implement these strategies in your projects to stay ahead of potential issues and ensure your software remains reliable, secure and ...
