Help! There’s too many Vulnerabilities! A Practical Guide to Tackling Open-Source Security (Dec 2)
When organizations embark on securing open-source software within their applications, they are often overwhelmed by the number of…

A FAIR Approach to Vulnerability Patch Prioritization (Nov 18)
I recently had the opportunity to speak with Denny Wan on the fascinating topic of using a FAIR approach to Vulnerability Patch…

Open-Source Vulnerability Management Policy: A Balanced Approach (Nov 4)
In today’s rapidly evolving cybersecurity landscape, managing vulnerabilities in open-source components has become increasingly complex…

Your Site Was Hacked, and You Never Knew About It: My Real-Life Encounter with a Supply Chain… (Oct 31)
Just yesterday, I received a LinkedIn message about an interesting job opportunity, complete with a link to the job ad. Before clicking, I…

Introduction to Stakeholder Specific Vulnerability Categorization (SSVC) (Oct 21)
Introduction to SSVC: Do You Need It and How Does It Work?

Cracking the Code: Choosing the Right Software Composition Analysis Tool (Oct 7)
In today’s fast-paced digital world, where software vulnerabilities can spell disaster for businesses, choosing the right Software…

5 Steps for Securing Your Software Supply Chain (Sep 9)
Most modern applications are assembled from open-source components, with developers typically writing less than 15% of the code for their…

How Secure Is Open-Source Software? (Aug 26)
Open-source software is the building block of modern applications. From web frameworks to encryption tools, these readily available…

Do Your Applications Have a Software Bill of Materials (SBOM)? (Aug 12)
“Oh, I didn’t realise we were exposed to <vulnerability> as I didn’t think that application was using <open-source-component>.”