The Software Bill of Materials (SBOM) has made quite a stir lately. From President Biden’s executive order to further secure our infrastructure to the NHS in Britain, emulating the mandate to improve security and transparency for England’s healthcare system. Given the sudden popularity of the SBOM and the resulting demand to create one, we feel […]
According to two recent security research reports* on open source software, internally developed software contains up to 75% of open-source software. The report also concludes that open-source used within codebases contain on average 158 vulnerabilities and 60% of the codebases have ‘high risk’ open-source vulnerabilities that have been actively exploited. According to research, the three […]
How do you know what is really in your software? Open-source software is present in an overwhelming amount of proprietary codebases and public projects. For the global 2000, the question you should be asking is not “ if you are or aren’t using open source code.” The right question is, “what open-source code you’re using, […]
As the steward of the Open Source Definition, the Open Source Initiative has been designating licenses as “open source” for over 20 years. These licenses are the foundation of the open-source software ecosystem, ensuring that everyone can use, improve, and share software. When a license is approved, it is because the OSI believes that the […]
The pressures of being a CISO are capacious and extend well past concerns of incident response time. There are pressures of maintaining budgets, reporting improved performance to stock-holders, and during a time when the breadth and number of cyberattacks are increasing, the challenges to find qualified prospects to fill a considerable number of unfilled positions. […]
The Supreme Court has ruled in Google’s favor, stating that the use of 12,000 lines of code from Oracle’s Java SE program was permitted as “fair use.” In its ruling, the Supreme Court states Google’s copying “only those lines of code that were needed to allow programmers to put their accrued talents to work in […]
Go to developer forums, Youtube channels and blog posts, and you’ll find endless conversations about copying and pasting code. The discussion revolves around whether this practice is a lazy form of code development or whether it will cause problems with achieving the desired outcome. They discuss if it will take longer to fix the bugs […]
Open source is systematically being attacked on the infrastructure used to distribute code. In a few years, we’ve experienced attacks on pre-existing vulnerabilities occurring months after a disclosure down to a few days. Attackers now directly hijack the publisher’s credentials and distribute malicious components.This worrisome trend requires enterprises to have in-depth knowledge of what open […]
Deepanshu Kher, an IT contractor who was caught hacking into a Carlsbad companies server was sentenced to two years in prison. He was found guilty of deleting over 1200 of its 1500 Microsoft 0365 user accounts. He was retaliating for being fired from the IT consulting firm that was assisting an unidentified company with its […]
A Development Manager has many hats. Their responsibilities include overseeing the team’s development of systems, software, and deployments. They are in charge of training, hiring, budgets, and enforcing deadlines. Perhaps, their most important role is to improve their developer’s productivity. Developers are the foundation of a company’s software success. A happy developer will be more […]