Hashes, Hashes, We all Fall Down Leave a Comment / May 20, 2022 May 20, 2022 Hashes, Hashes, We All Fall Down Hi Sloan, I’ve always relied on hashes to identify threats across our network. We recently hired a new security engineer who insists relying on … Read more NOW “Hashes, Hashes, We all Fall Down”
What is Open Source Software? What is Open Source Software? Key Takeaways Open Source software is software where anyone is allowed to inspect, study, modify, and distribute the software’s source code. There are caveats depending … Read more NOW “What is Open Source Software?”
Why DevOps? Why DevOps? Key Takeaways DevOps exists as a way to accelerate innovation through collaboration and frequent releases. Shorter release cycles give customers value more frequently and allow for experimentation. Bringing … Read more NOW “Why DevOps?”
The Software Supply Chain: Explained The Software Supply Chain: Explained Key Takeaways Software development closely resembles a traditional supply chain. Open source packages serve as the sub-assemblies and constituent parts. These parts are stored in … Read more NOW “The Software Supply Chain: Explained”
Sonatype’s Solutions in the Supply Chain Sonatype’s Solutions in the Supply Chain Key Takeaways Sonatype offers a number of tools to that work together for complete software supply chain management. Nexus Repository – Is your personal … Read more NOW “Sonatype’s Solutions in the Supply Chain”
What is DevSecOps? What is DevSecOps? Key Takeaways DevSecOps is an extension of DevOps that focuses on moving security concerns earlier in the development process.“Shift Left” is a term that means moving … Read more NOW “What is DevSecOps?”
Why DevSecOps? Why DevSecOps? Key Takeaways DevSecOps is an extension of DevOps that integrates security into the entire software development process.Software supply chain attacks have been increasing every year making it … Read more NOW “Why DevSecOps?”
An Introduction to Software Composition Analysis An Introduction to Software Composition Analysis Key Takeaways Open source components introduce risk to an applicationThis risk comes from programming oversights, malicious code, and from other packages that an … Read more NOW “An Introduction to Software Composition Analysis”
Zero-Day Doom and Gloom Leave a Comment / May 2, 2022 May 4, 2022 Zero-Day Doom and Gloom Hi Sloan,When recent vulnerabilities like log4j and Spring4Shell were first reported, I heard them described with the words “zero-day”. It sounds pretty dark, like the … Read more NOW “Zero-Day Doom and Gloom”
Component Licenses FAQ Component Licenses FAQ Key Takeaways Almost all open-source software is distributed with a license that governs how you’re allowed to use it. Open Source Software is distributed with a variety … Read more NOW “Component Licenses FAQ”
