all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Perception Versus Reality: a Data-Driven Look at Open Source Risk Management

Add to bookmarks
Nov. 11, 2022, 9:40 p.m. | Luke Mcbride

Sonatype Blog blog.sonatype.com




On October 18th, 2022, Sonatype published the 8th Annual State of the Software Supply Chain. The report is our ongoing contribution to a growing body of knowledge and software development using third-party open source software. One of the report’s primary authors and VP of Product Innovation Dr. Stephen Magill presented a talk summarizing the report with additional context, background, and data.

data devops events and webinars management news and views open source post developers risk risk management vulnerability

Visit resource

More from blog.sonatype.com / Sonatype Blog

Devs flood npm with 15,000 packages to reward themselves with Tea 'tokens' 1 day, 16 hours ago | blog.sonatype.com
cases dependency dependency confusion flood +19
The essential duo of SCA and SBOM management 5 days, 16 hours ago | blog.sonatype.com
application application security attacks duo +16
Automating and maintaining SBOMs 1 week, 5 days ago | blog.sonatype.com
artifact automation bill components +11
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and liblzma 2 weeks, 2 days ago | blog.sonatype.com
attack attacks backdoor bank +26
CVE-2024-3094 The targeted backdoor supply chain attack against XZ and libzma 2 weeks, 2 days ago | blog.sonatype.com
attack attacks backdoor bank +26
SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern 2 weeks, 5 days ago | blog.sonatype.com
apache cyclonedx devzone experience +14
Cyber readiness and SBOMs 3 weeks, 1 day ago | blog.sonatype.com
academic academic research advanced bills +22
Open source ML/AI models: attackers' next target 3 weeks, 5 days ago | blog.sonatype.com
ai models apps art attackers +14
How to integrate SBOMs into the software development life cycle 4 weeks ago | blog.sonatype.com
availability bill can code +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

IAM Engineer - SailPoint IIQ

@ IDMWORKS | Remote USA
View on infosec-jobs.com

Manager, Network Security

@ NFL | New York City, United States
View on infosec-jobs.com

Engineering Team Manager – Security Controls

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com

Senior Security Consultant

@ LRQA | USA, US
View on infosec-jobs.com
View more jobs