Hot Topics

secure software supply chain

Open source risk management: Safeguarding software integrity

Open source risk management: Safeguarding software integrity

| | licenses, open source risk management, secure software supply chain, Sonatype Lifecycle, Vulnerabilities
In the constantly shifting terrain of software supply chains, open source software (OSS) fulfills a dual mandate, propelling innovation forward and serving as the cornerstone of operational efficiency ...
Sonatype Blog
The Google WebP logo

Patch EVERYTHING: Widely Used ‘WebP’ Code has Critical Bug

| | Buffer Overflow, buffer overflow attack, Buffer Overflow Vulnerabilities, buffer overflows, Chrome, Chromium, edge, Electron, Exploitable Vulnerabilities, Firefox, google, Heap Overflow, libwebp, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, opera, SB Blogwatch, secure software supply chain, slack, software supply chain, software supply chain hygiene, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Risks, thunderbird, WebP
WebP FAIL. Critical vuln in libwebp: Go get updates to Chrome, Firefox, Edge, Slack and more ...
Security Boulevard
A guide for open source software (OSS) security

A guide for open source software (OSS) security

| | DevZone, open source, secure software supply chain, software supply chain automation, Sonatype Lifecycle, Sonatype Repository Firewall
When you search for a dependable open source software (OSS) component to integrate into your software supply chain, evaluation of the component’s security emerges as a critical task. This involves not only ...
Sonatype Blog
Cyber Resilience Act: The Future of Software in the European Union

Cyber Resilience Act: The Future of Software in the European Union

| | EU Cyber Resilience Act, News and Views, open source, Open source governances, secure software supply chain
Representatives of member states of the European Union (EU) reached a common agreement yesterday regarding the proposed Cyber Resilience Act (CRA) ...
Sonatype Blog

Software Packages, Do We Even Need Them?

| | Maven, Package Managers, secure software supply chain
  ...
Sonatype Blog

Supply Chain Security Inside and Out

| | Open Source Security, secure software supply chain, Sonatype Repository Firewall
  ...
Sonatype Blog

Power Up Your Dependencies: The Parallels of SBOMs and Mario Kart

| | dependencies, FEATURED, open source, SBOM, secure software supply chain
  ...
Sonatype Blog
How to Convert Your SBOM Between SPDX and CycloneDX Formats

How to Convert Your SBOM Between SPDX and CycloneDX Formats

| | DevSecOps, DevZone, open source, SBOM, secure software supply chain
  ...
Sonatype Blog
Sonatype’s Nexus Firewall is an Easy Solution for a Big Problem

Sonatype’s Nexus Firewall is an Easy Solution for a Big Problem

| | FEATURED, malware prevention, Nexus Firewall, Nexus Platform, secure software supply chain, software supply chain automation
  ...
Sonatype Blog
Sonatype Repository Firewall is an Easy Solution for a Big Problem

Sonatype Repository Firewall is an Easy Solution for a Big Problem

| | FEATURED, malware prevention, secure software supply chain, software supply chain automation, Sonatype Platform, Sonatype Repository Firewall
  ...
Sonatype Blog
Load more