John Siefert, Chris Hughes, Frank Domizio, and Rob Wood explain why applying software composition analysis (SCA) early in the development cycle makes it easier to address security issues when they arise.
Open-Source Software
The capabilities of Snyk for automatic discovery & remediation have positioned it to shift security left. However, vendor solutions only go so far.
A sustainable future is not out of reach but depends on how we continue efforts to build resilient cybersecurity frameworks which support the critical infrastructures, IoT, and open-source solutions we all depend on.
Bill reconnects with Sonatype Co-founder Brian Fox to find out why it’s taken so long for organizations to respond to the Log4j vulnerability, which was first discovered a year ago.
Bill summarizes the main points from Endor’s 2022 State of Dependency Management study to better understand how cybersecurity professionals should respond to OSS vulnerabilities.
Security and data breaches aren’t all bad news; they’re also opportunities to build on lessons learned and correct deficiencies, as Chris explains.
Bill Doerrfeld summarizes the key points from Sonatype’s “The State of the Software Supply Chain” report to help IT technology divisions better understand how to address open-source security today.
In Ep. 3 of the Acceleration Economy Minute, Kieron references the work of fellow AE cybersecurity analysts who discuss how and why organizations must expand on their approach to defense.
Bill Doerrfeld speaks with oak9 Co-founder Aakash Shah about ways to reduce known and unknown vulnerabilities brought on by open-source software.
There’s a big push for SBOMs (software bills of material) as it’s becoming clear how crucial they are to cybersecurity. Read our guidebook to learn everything about SBOMs, including what they are, why they’re necessary, and how they work.
In Cybersecurity Minute, Ep. 31, Chris Hughes says it’s clear that the Senate’s Securing Open Source Software Act emphasizes how critical open-source software is to national security and society.
Metaverse development will create unfathomable amounts of data in countless forms. Is immudb the open-source ledger database solution to handle it all?
In this Data Revolution Minute, Pablo Moreno explains Google’s release of TensorStore, which is a framework designed to hold and process N-dimensional data. He says this is a perfect solution for training AI.
In this Data Revolution Minute, Pablo Moreno compares the Data Science Landscape 2022 results to the 2020 findings. The study focuses on the security aspect of open-source software.
As Chris Hughes explains, the recent U.S. government response to increased software supply chain attacks will force the cybersecurity industry to innovate.
In Episode 24, Pablo evaluates a recent case with malicious code on an open source development platform and questions whether or not these platforms are truly secure.
As the open source ecosystem has evolved, the Software Bill of Materials (SBOM) has caused a shift in the security market.
There’s no such thing as bad data, Pablo Moreno argues, but it’s up to humans to govern AI-generated output to drive long-term data value.
The Software Bill of Materials (SBOM) increases transparency and is expected to become an integral part of the software industry. Bill Doerrfeld explains why, and what organizations must do about it.
With open source at the core of modern technology, the ability to identify and remediate vulnerabilities is becoming increasingly critical.