Forbes

How Socket Plans To Save The World From Open-Source Attacks

Earlier this year, the world came within a few weeks of a disastrous cyber security failure that would have enabled bad actors to penetrate the IT systems of millions of organisations worldwide. The ...
InfoWorld

New AI tool targets critical hole in thousands of open source apps

The tool, created by university researchers, is designed to find and automatically create a patch for vulnerabilities in large repositories like GitHub, but it isn’t perfect yet. Dutch and Iranian ...
Dark Reading

Code-Scanning Tool's License at Heart of Security Breakup

A group of nine application security service providers announced they would "fork" the popular code-scanning project Semgrep, creating a new codebase, after a series of moves by the eponymous startup ...
SiliconANGLE

Snyk launches Secure Developer Program to strengthen open-source security

Cybersecurity company Snyk Ltd. today announced the launch of its Secure Developer Program, a new initiative designed to empower open-source software maintainers with cutting-edge, develop-friendly ...
Hosted on MSN

Ten years of OSSRA: what a decade of data tells us about the state of open source security

When the first Open Source Security and Risk Analysis (OSSRA) report was published in 2015, the software landscape looked very different. Security teams were just beginning to grasp the implications ...
Computer Weekly

Sonatype CEO on self-service: The vulnerability data gap undermining AI-driven development

Increasingly, self-service tools and internal developer platforms (IDPs) are configured to make critical decisions, but ...