Several high profile software supply chain security incidents over the last few years have put more of a spotlight on the need to have visibility into the software supply chain. However, it seems as though those efforts may not be leading to the desired outcomes, as a new survey found that only one out of … continue reading
The software intelligence company CAST is trying to make it easier for development teams to create and manage Software Bill of Materials (SBOMs) with the launch of the CAST SBOM Manager. This new free tool automates the process of creating SBOMs. Developers give the SBOM Manager access to their code repositories and it will create … continue reading
A number of security-focused groups have announced they are teaming up on a new open-source project to help secure software supply chains: Protobom. The project was created jointly by the Open Source Security Foundation (OpenSSF), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Homeland Security Science and Technology Directorate (DHS S&T). Protobom allows … continue reading
A software bill of materials (SBOM) is a tool designed to share detailed information on code components in a standardized way. The SBOM has become an increasingly important tool for both application security purposes and governmental compliance. To minimize inconsistencies and encourage greater transparency, three primary SBOM formats have emerged, each of which allow companies to … continue reading
Snyk announced many innovations that extend the scope of the company’s Developer Security Platform during its SnykLaunch Fall 2022 event. This includes the general availability of Snyk Cloud, which offers tools to help fix software vulnerabilities such as a vulnerability scanner and a patch management system that was launched in July 2022 with limited availability. … continue reading
Tel Aviv, Israel, September 29, 2022 — Ox Security, the end-to-end software supply chain security platform for DevSecOps, exited stealth today with $34M in funding led by Evolution Equity Partners, Team8, and M12, Microsoft’s venture fund, with participation from Rain Capital. OX was founded less than a year ago by Neatsun Ziv and Lior Arzi, … continue reading
To secure the software in your supply chain, there’s a lot of hype today about the need for an SBOM (software bill of materials). But what does that really mean for development teams today? BOMs have been used for years by organizations; they are a list of the raw materials, sub-assemblies, intermediate assemblies, sub-components, parts, … continue reading
Despite recent events, like the discovery of the Log4j vulnerability late last year, that have highlighted the need for companies to have insight into what open source components they are utilizing, and what versions, fewer than half of companies have a software bill of materials (SBOMs) in place. This is according to a report by … continue reading
Too many companies are missing a key software component in their businesses: their software bill of materials (SBOM). A SBOM is a list of all the components that make up a piece of software. According to Brian Fox, chief technology officer at Sonatype, while some may think it is a trivial requirement, it provides transparency … continue reading