Tag: open source security
How Devs Can Improve Open Source Security in the Enterprise
Modern applications are dynamic. They’re distributed and they’re often born in the cloud. These applications can be developed on the fly, spun up and scaled quickly to meet evolving user and market ...
Securing Open Source Components in a World of Mixed Committer Motivations
Our world runs on software that contains open source components. This places an increased burden on developers, as the primary consumers and deployers of those components, to use code that is fully ...
Sigstore Code Signing Service Becomes Generally Available
A free digital signing service for software created by the Sigstore open source community has become generally available this week via the cloud. Announced at the SigstoreCon event that occurred during the ...
Log4j: Is There Such a Thing as ‘Too Much’ Open Source?
The Log4j vulnerability got me thinking: Is there such a thing as too much open source? Before anyone immediately fires off a flaming email, rage tweet or scathing blog post, hear me ...
Snyk Tool Prioritizes Open Source Vulnerabilities
Snyk today announced it has enhanced the ability of its namesake vulnerability scanning tool by adding the ability to identify which open source vulnerabilities should be fixed first using a scoring tool ...
Open Source Vulnerabilities Were Up 50% in 2019 — How Will It Impact Software Development in 2020?
Open source vulnerabilities have been on the rise in recent years, but 2019 was truly one for the record books with a spike of nearly 50% over the previous year. According to ...