Dark Reading

Log4j Highlights Need for Better Handle on Software Dependencies

It's a new year and the cybersecurity community now faces the long-term consequences of yet another software supply chain security nightmare. After a year full of application security zero-day fallout ...
CSOonline

Why code reuse is still a security nightmare

Modern software applications are stitched together from thousands of third-party components fetched from public repositories. This reuse of code has major benefits for the software industry, reducing ...
SiliconANGLE

JFrog’s Conan introduces Conan Audit to strengthen C/C++ dependency security

JFrog Inc.-owned software package manager for C/C++ development environments Conan today introduced Conan Audit, a new security feature that enables developers to analyze dependencies for ...
Forbes

19 Tools And Strategies For Safe, Sustainable Software Dependencies

Across the digital marketplace, we’re in an era of high open-source code usage. Tech companies often incorporate open-source code snippets in their own software, while businesses across industries ...
Dark Reading

Dependency Problems Increase for Open Source Components

The average software application depends on more than 500 open source libraries and components, up 77% from 298 dependencies in two years, highlighting the difficulty of tracking the vulnerabilities ...
Forbes

The Hidden Risk Lurking In The Software Supply Chain: Transitive Open-Source Dependencies

Varun Badhwar is CEO & Co-Founder at Endor Labs. Previously, he built Prisma Cloud for Palo Alto Networks following the RedLock acquisition. Packages arriving late, stores out of stock or overstocked, ...