Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

January 2024

How to Easily Generate An Accurate Software Bill of Materials (SBOM) with Black Duck | Synopsys

Jan 16, 2024 By Synopsys In Synopsys
Did you know that open source code constitutes up to 95% of the code in your applications? This creates a web of dependencies that can pose security, quality, and compliance risks. Black Duck provides a solution by helping you generate an accurate software bill of materials (SBOM) in minutes, giving you visibility into your software supply chain. Watch the video to streamline your SBOM generation process and take control of your software supply chain.
View Video
manageengine

Security warning! All of us are victims of open-source vulnerabilities

Jan 10, 2024 By General In ManageEngine

Picture this: A user on your network casually explores the internet and scrolls through a website’s comment section. However, a lurking threat known as cross-site scripting (XSS) is poised to exploit vulnerabilities and steal their session cookies, which includes sensitive data such as their logon credentials. But how does this nefarious scheme unfold, and what other open-source vulnerabilities could be exploited in the process?

Read Post
Trustwave

Trustwave Transfers ModSecurity Custodianship to the Open Worldwide Application Security Project (OWASP)

Jan 9, 2024 By Trustwave In Trustwave
After serving as its steward for over a decade, Trustwave has agreed to transfer the reins of the renowned open-source web application firewall (WAF) engine, ModSecurity, to the Open Worldwide Application Security Project (OWASP). This landmark move promises to inject fresh energy and perspectives into the project, ensuring its continued evolution as a vital line of defense for countless websites worldwide.
Read Post
veracode

What To Look For in an Open Source Vulnerability Scanner

Jan 4, 2024 By Cody Bertram In Veracode

One of the top security concerns we hear from technology leaders is about the security of open source software (OSS) and cloud software development. An open source vulnerability scanner (for scanning OSS) helps you discover risk in the third-party code you use. However, just because a solution scans open source does not mean you are ultimately reducing security risk with it.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.