2024 Sonatype Blog
Conversations about software supply automation, devsecops, open source, continuous delivery, and application security.

Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update
Daniel Glick | Department of Defense, DevSecOps, SBOM, software bill of materials, software supply chain
As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its Enterprise DevSecOps Fundamentals to further align development practices with security imperatives. This is part of a ...

Wrapping up a decade of insights from the State of the Software Supply Chain
Aaron Linskens | open source, secure software supply chain, software supply chain, State of the Software Supply Chain
Sonatype's 10th annual State of the Software Supply Chain report marks a transformative decade for open source software ...

Gain visibility and traceability of your software supply chain with SBOMs with new Gartner® report
When you better understand the complexities of your software, you take a foundational step toward enhancing security and managing risks in your software supply chain ...

From risks to resilience: Best practices for software supply chain security
Aaron Linskens | Best Practices, News and Views, secure software supply chain, software supply chain, State of the Software Supply Chain
As software supply chains evolve in complexity, managing security risks has become an ever-changing challenge. New threats emerge daily, driven by rapid innovation and the heavy reliance on open source components ...

Sonatype recognized as a leader in SCA software in Forrester Wave
We are thrilled to announce that The Forrester Wave™: Software Composition Analysis Software, Q4 2024 recently named Sonatype a leader in software composition analysis (SCA) software. Sonatype received the highest scores in ...

Fake IP checker utilities on npm are crypto stealers
Recently identified npm packages called "node-request-ip", "request-ip-check" and "request-ip-validator" impersonate handy open source utilities relied upon by developers to retrieve an external IP address but instead target Windows, Linux and macOS users ...

Gartner report: How SBOMs improve security and compliance in the software supply chain
As software supply chain risks rise, regulatory authorities are increasingly requiring organizations to adopt software bills of materials (SBOMs) for security and compliance ...

Optimizing efficiency and reducing waste in open source software management
Aaron Linskens | News and Views, open source, software supply chain, State of the Software Supply Chain
As the use of open source software (OSS) continues to grow, so do the challenges around maintaining security and efficiency in software dependency management ...

Securing your software supply chain with CISA’s new SBOM guidance
With new and increasing cyber threats abounding, navigating global software regulations and staying informed and compliant can seem like an unending task. To help mitigate risks within the software applications organizations use ...

Gartner Report: How to Respond to the Threat Landscape in a Volatile, Complex and Ambiguous World
Refine your cybersecurity strategies to navigate the challenges of a VUCA (volatility, uncertainty, complexity, and ambiguity) environment ...