Learn how Chainguard is strengthening software supply chains by expanding its secure repository of Java, JavaScript, and Python libraries, enabling DevOps teams to access components compliant with SLSA framework standards.
DevSecOps Implementation: Source Composition Analysis
This is the second installment in this series on DevSecOps. Read the first installment, on Static Analysis, here. One of the better additions to security in recent years is source composition analysis (SCA). The purpose of SCA is to sit in the gap between static analysis and dynamic analysis to help you find issues introduced […]
5 Ways to Detect Application Security Vulnerabilities Sooner to Reduce Costs and Risk
Security testing has always been an important step in the application development process. Yet, traditional measures often occur too late in the process to effectively find and fix vulnerabilities before causing costly production delays, or worse, putting organizations at risk for potential security breaches. To minimize security-related costs and risks, testing needs to occur sooner […]
Open Source Vulnerabilities Were Up 50% in 2019 — How Will It Impact Software Development in 2020?
Open source vulnerabilities have been on the rise in recent years, but 2019 was truly one for the record books with a spike of nearly 50% over the previous year. According to the recently released State of Open Source Security Vulnerabilities report by the WhiteSource research team, the number of vulnerabilities jumped from 4,100 in […]
Python’s Popularity Continues: Examining the Top Use Cases
Python continues to be one of the most popular coding languages in use. In fact, the TIOBE index of programming language popularity named it the 2018 Language of the Year. Its usage and adoption continue to grow and proliferate into additional use cases. Python’s popularity and growth are in part because it’s flexible and easy […]