Open Source Vulnerability Management Anatomy of a Software Supply Chain Attack Software supply chain attacks are an increasingly common and dangerous type of cyberattack. Here's how to defend against them.
Software Composition Analysis How to Generate an SBOM with FOSSA See how your organization can use FOSSA to generate a comprehensive software bill of materials in a few easy steps.
Open Source in the News bouk/monkey and the Importance of Knowing Your Dependencies A recent news item involving the bouk/monkey open source program shows why it's so important for organizations to have visibility into their dependencies.
Software Composition Analysis 3 Best Practices for OSS Management in the Automotive Industry Experts share tips and strategies to help automotive organizations improve their open source management programs.
Inside FOSSA FOSSA Product Updates: August 2021 FOSSA has launched several new features, including container scanning, analysis target configuration, expanded language support, and more.
Inside FOSSA FOSSA Receives Highest Scores Possible in License Risk Management, SBOM Criteria in Forrester Wave FOSSA was the only vendor to earn the highest possible score in both the SBOM and License Risk Management criteria.
Inside FOSSA Announcing FOSSA Container Scanning We're excited to introduce FOSSA Container Scanning, which will help organizations reduce compliance and security risk in their container images.
Software Composition Analysis The Minimum Required Elements of an SBOM As part of its new cybersecurity executive order, the U.S. federal government released the minimum required elements for a software bill of materials.
Open Source Vulnerability Management Container Image Security and Vulnerability Scanning Get an overview of today's container image security landscape, including common attack vectors and the importance of vulnerability scanning.
Open Source Vulnerability Management All About CWE-79: Cross-Site Scripting CWE-79: Cross-Site Scripting (XSS) is one of today's most commonly found vulnerabilities. Here's a look at different types of XSS attacks and how to stop them.
Open Source in the News Cybersecurity Executive Order and Software Supply Chain Security See our top takeaways from the software supply chain security section of the Biden Administration's cybersecurity executive order.
Software Composition Analysis IT Central Station: What Makes for an Effective SCA Solution Enterprise technology review site IT Central Station shares insight from software composition analysis (SCA) users on the elements of an effective SCA solution.
Software Composition Analysis Software Bill Of Materials (SBOM) Formats, Use Cases, and Specifications SBOMs play an important role in everything from application security to OSS license compliance. Learn about popular formats and use cases.
Software Composition Analysis How SCA Helps Manage OSS Vulnerabilities See four ways software composition analysis (SCA) helps organizations identify and manage potential vulnerabilities in OSS.
Software Composition Analysis Software Supply Chain Security for Automotive Organizations Technological innovation in the automotive industry has put software supply chain security in the spotlight.
Open Source in the News Takeaways from OpenChain ISO/IEC 5230:2020 Explore key takeaways from ISO/IEC 5230: OpenChain Specification, including steps to becoming an OpenChain Conformant organization.
Software Composition Analysis The Future of Software Composition Analysis, Featuring Forrester Software composition analysis will continue to evolve to help organizations reduce risk in their use of open source software.
Software Composition Analysis 5 Ways Companies Can Get More Value From Open Source Software See what your organization can do in areas like compliance, security, and automation to get more value from open source software.
Open Source in the News SolarWinds, Supply Chain Attacks, and Software Composition Analysis Software supply chain security has been in the spotlight following the SolarWinds hack. Here's how you can strengthen your defenses against such an attack.
Open Source License Compliance How UiPath Reduced Open Source Risk Through Team Collaboration Experts from UiPath share best practices to help teams collaborate to reduce risk in their use of open source software.
Software Composition Analysis What is Software Composition Analysis? Get an overview of software composition analysis and why it plays a critical role in helping companies reduce risk in their use of open source.
Software Composition Analysis A Framework for Evaluating Software Composition Analysis Tools As enterprises shop for tools that deliver SCA at scale, let's examine what we should keep in mind when defining the right risk mitigation solution.
Software Composition Analysis FOSSA and Container Scanning FOSSA's perspective on container scanning.
Software Composition Analysis Why Source Code Scanning Tools Are Essential for Open Source Compliance Any OS component could be subject to a myriad of OS licenses that you might be unable to identify without performing a source code audit and scan.
Software Composition Analysis Snippet Scanning: Is it Right for Your Team? There are several things to take into consideration if you are evaluating whether snippet scanning is a requirement for your SCA solution. Here is an overview of some key questions to ask in your evaluation.