IBM and Red Hat aren’t the only ones that mean to lock down open-source code against AI hacking tools. Last week, IBM and Red Hat launched Project Lightwell to protect open-source projects with $5 billion and 20 thousand engineers. Not to be outdone, with tongue in cheek, Chainguard’s CEO Dan Lorenc announced a $50 million, […]
Open Source Contribution is About More Than Just Altruism
Passive consumption of open source software creates hidden costs, including $670,000 annually in internal workarounds; however, organizations that shift to upstream contribution report up to 5x returns through improved talent retention and faster development cycles.
OpenSSF Defines Baseline for Securing Open Source Software
The Open Source Security Foundation (OpenSSF) has launched an initiative to provide maintainers of open source software projects with a set of baseline security requirements that can be realistically attained and maintained by small teams.
Scarf Integrates Platform for Tracking Open Source Software Usage With Salesforce
Scarf today at the KubeCon + CloudNativeCon 2024 conference revealed it has integrated its platform for tracking consumption of open source software with the Salesforce customer relationship management (CRM) platform.
White House to Spend $11 Million to Study Open Source Software Use
Hardening the security around open source software has been a key part of the White House’s larger cybersecurity efforts since President Biden released his executive order for improving the United States’ security posture in May 2021, only months after taking office. Now the Biden Administration and the Department of Homeland Security (DHS) are putting $11 […]
ForAllSecure Adds Free Testing Tools for OSS
ForAllSecure is investing to make open source software (OSS) more secure and is making available free, personal-use versions of its Mayhem application security testing tools infused with artificial intelligence (AI) capabilities to anyone using GitHub repositories. Company CEO David Brumley said anyone who integrates Mayhem into a qualified GitHub repository being used to build open […]
Fixing Spring4Shell Starts With Software Supply Chain Management
Spring4Shell is the latest call to action for radically improved software supply chain integrity. While Spring4Shell investigations continue, one conclusion is indisputable: We must holistically rethink the way we continuously inventory and manage the complex landscape of interrelated software and its sources. Whether or not Spring4Shell surpasses the breadth of impact of Log4j, there’s still […]
IDC Tech Spotlight: Making Open Source Work for You
Starting from remarkably humble beginnings over three decades ago, open source software is the story of a better mousetrap that wins over the world. Originally, the intent of open source projects was to create software that system administrators and developers could use without having to pay licensing fees – but it has become much, much […]
Accelerate Your SDLC With DevSecOps
DevOps has been the answer to rising software development complexity, but the granularity and multiplicity of actors, technologies and environments bring added security requirements. Moving to DevSecOps will not only help with these requirements but also accelerate the software development life cycle (SDLC). As development projects mature, more developers get involved, the code base grows […]
Discover Rocket Open AppDev for Z
Give your developers the open software they want through a system that combines an easy user experience with the security and support IBM® Z® customers demand. Rocket® Open AppDev for Z helps you bring applications to market faster, at lower cost and with less risk. We make it easier to implement modern application development practices by […]









