Syndicated Blog

Sonatype Blog
Conversations about software supply automation, devsecops, open source, continuous delivery, and application security.
SBOM, VDR, and Maven: Transforming the Apache Logging experience to a common pattern

In late 2023, a few members of the Apache Logging Services project – known for providing the famous Log4j logging framework – received funding from the Sovereign Tech Fund (STF) to enhance ...
Cyber readiness and SBOMs

The Advanced Technology Academic Research Center (ATARC) recently hosted the webinar "Unlocking Cyber Readiness with SBOMs," focusing on the essential role of software bills of materials (SBOMs) in enhancing cybersecurity frameworks across ...
Open source ML/AI models: attackers' next target

We are now in an era where AI and ML tools are thriving, with a new AI service popping up every week—from voice cloning apps to those perfecting digitalized art generation. It ...
How to integrate SBOMs into the software development life cycle

The widespread availability of third-party and open source software has significantly accelerated modern software development. These technologies also pose a risk, because the external code used by a company has not gone ...
Streamline your SBOM management with SBOM Manager

Modern software development means applications are woven from diverse components sourced from in-house development, open source repositories, and external vendors. Keeping track of all these dependencies is becoming more critical as governments ...
How to safeguard your software supply chain

Software vulnerabilities can lead to catastrophic cyberattacks, so understanding the intricacies of your software supply chain has never been more critical ...
NVD overload: Unveiling a hidden crisis in vulnerability management

In a LinkedIn Live session yesterday, Ilkka Turunen, Field CTO of Sonatype, and Brian Fox, co-founder and CTO, discussed an ongoing critical yet underreported issue in the National Vulnerability Database (NVD) ...
Secure Software Development Attestation Form: Sonatype helps you comply

On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) unveiled the final version of the Secure Software Development Attestation Form. This pivotal ...
What are SBOM standards and formats?

The growing importance of software bills of materials (SBOMs) marks a significant shift towards better transparency and security in software management ...
Securing software development with Sonatype Air-Gapped Environment (SAGE)

Developers everywhere build modern applications from reusable pieces of code downloaded from repositories such as Maven Central ...