Forbes

Harnessing The Power Of Open Source Intelligence In Enterprise Risk Management

CEO of Crisis Control Solutions LLC & Schwenk AG, a leading expert in risk and crisis management for the automotive industry. Risk management, a strategic discipline, demands a proactive approach to ...
SDxCentral

10 biggest open source software (OSS) security risks

The popular Java library for logging error messages in applications is one of the most deployed pieces of open-source software (OSS). But it wasn’t until December ...
SiliconANGLE

Surge in high-risk open-source vulnerabilities found in commercial codebases

A new report released today by electronic design automation company Synopsys Inc. uncovers a disturbing surge in high-risk vulnerabilities in commercial codebases, increasing the risk of hacking and ...
Semiconductor Engineering

2024 Open Source Security And Risk Analysis Report

Persistent open source security concerns Why developers need to improve at keeping open source components up-to-date The need for a Software Bill of Materials (SBOM) for software supply chain ...
Security

Endor Labs partners with security and technology leaders for Open Source Software Risks survey

PALO ALTO, CA (March 1, 2023) – Endor Labs, creators of the Dependency Lifecycle Management platform helping development and security teams maximize the use of open source software (OSS), have ...
SDxCentral

Open Source: The Biggest Risk to SDN

Partner risk with Vendor Dominated open source is more challenging -- especially given the lack of transparency in decision-making process; lack of external developer community to which to leverage to ...
Wired

Security Researchers Warn a Widely Used Open Source Tool Poses a 'Persistent' Risk to the US

Since Russian troops invaded Ukraine more than three years ago, Russian technology companies and executives have been widely sanctioned for supporting the Kremlin. That includes Vladimir Kiriyenko, ...
VentureBeat

Google releases open-source security tool to centralize SBOM management

Join our daily and weekly newsletters for the latest updates and exclusive content on industry-leading AI coverage. Learn More >>Don’t miss our special issue: How ...
CSOonline

AI development pipeline attacks expand CISOs’ software supply chain risk

Malicious campaigns targeting code used by developers of AI applications underscore the need to develop comprehensive risk-based programs around software dependencies and components. Widespread flaws ...
Forbes

The Hidden Risk Lurking In The Software Supply Chain: Transitive Open-Source Dependencies

Varun Badhwar is CEO & Co-Founder at Endor Labs. Previously, he built Prisma Cloud for Palo Alto Networks following the RedLock acquisition. Packages arriving late, stores out of stock or overstocked, ...
Dark Reading

CISA to Open Supply Chain Risk Management Office

The US Cybersecurity and Infrastructure Security Agency (CISA) plans to open an office focused on helping the public and private sectors protect their software and IT supply chains. The new office ...