OpenSFF

Why enterprises must do more to support open source software they use

Open Source

Why enterprises must do more to support open source software they use

CNCF panellists discuss what if the maintainer of that vital component goes under a bus

clock 31 October 2022 • 3 min read
New guidance on software supply chain attacks released

Threats and Risks

New guidance on software supply chain attacks released

Linux Foundation's OpenSFF releases npm security guide while US agencies NSA and CISA advise on hardening the component supply chain

clock 02 September 2022 • 4 min read
All about SBOMs: the latest moves to secure the software supply chain

Security Technology

All about SBOMs: the latest moves to secure the software supply chain

Following Biden's Executive Order on cybersecurity, uptake of software bills of materials is taking off in the US. We need to follow suit

clock 19 July 2022 • 8 min read
Application security: shift-left is necessary but insufficent

DevOps

Application security: shift-left is necessary but insufficent

Integrating security checks into code should be seen as part of a bigger picture, says Kubecon panel

clock 20 May 2022 • 4 min read