Tag: SBoM
Mend.io Adds Tool to Detect Presence of Generative AI Code
Mend.io this week added a MendAI tool to its application security portfolio that identifies code generated by an artificial intelligence (AI) model ...
Lineaje Adds Module to Manage Open Source Software Security Lifecycle
This can help DevSecOps teams identify open source software projects that are not being well maintained ...
The IT-DevOps Life Cycle is Like a Pyramid That Keeps Growing
For the most part, the demand for new technology to solve age-old problems has been a net increase in workload ...
Lineaje Allies With Persistent Systems on Open Source Software Remediation Service
Lineaje and Persistent Systems are providing a managed service for remediating open source vulnerabilities that leverages AI technologies ...
It’s Funny How We Forgot About Container Sprawl
Don MacVittie explains how DevOps technology and tools have saved developers from the horrors of container sprawl ...
ForAllSecure Streamlines Application Security Testing
ForAllSecure provided early access to dynamic SBOM generation and SCA validation capabilities within its Mayhem Security automated code and API testing tool ...
Low-Hanging Fruit, 2023 Edition: Part Two
Last time, we discussed setting up a comparative inventory system for your growing API footprint. The idea is that as security catches up to new technology deployments, enterprises will have to step ...
The Security Pipeline
Over the last few years, the ability to secure our applications has grown, and deep integration into the DevOps toolchain has, too. There are more tools doing more security checks protecting more ...
ReversingLabs: Increased Focus on Software Supply Chain Security
A global survey of 300 global executives, technology and security professionals found software containing vulnerabilities (82%) followed by secrets leaked through source code (55%), malicious code (52%) and suspicious code (46%) posed ...
Managing Risk
We have built some beautiful toolchains that crank out a finished product on the fly without needing anything close to the level of intervention that was historically required. The most advanced organizations ...
ActiveState Makes All Tiers of Curated Artifact Repository Service Free
ActiveState today announced it is making all tiers of its ActiveState Artifact Repository service available for free for a limited time. The move aims to enable organizations to better secure open source ...
Chainguard Adds Private Edition of Code Signing Platform
Chainguard today added a private preview of a Chainguard Enforce Signing service, enabled by the open source Sigstore project, that allows developers to generate digital signatures for software artifacts using identities and ...