The Impact of Security Testing on an Organization


Choosing the right security testing tools is hard, because each type of tool has a different purpose with unique strengths. It can get confusing, but it’s a lot easier when you can sort them into different methodologies. And the process becomes almost simple once we properly understand the different …


Pythonista’s Guide to the OWASP Top 10


If you’re like many developers or IT professionals, you may have mixed feelings about these lists. I get it. On one hand, you know they’re important for keeping your applications and systems secure. On the other hand, they can be overwhelming, dry, and difficult to implement.

But what if …


5 Tools to Automate SBOM Creation


If you search for “How to Automate SBOM Creation” you’ll find a huge number of results. As a software engineer, I personally get frustrated by those results almost instantly. Instead of telling me how to automate the creation of my SBOM, most of them spend half the article telling me why I should …


What the OpenSSL Vulnerabilities Are…and Aren't


In this article, we won’t be going into detail about how the vulnerability came to be or even how to patch it (in short: upgrade to the latest). Instead, we’ll be taking a quick look at what an exploit against these two new issues could be able to do, and compare it to two other common dependency …


Stop the Low-Quality Contribution Plague


I was in a discussion thread with folks from Cloud Native Computing Foundation and Kubernetes today, and this phrase came up again. The context was something along the lines of… “we’re afraid that will encourage low-quality contributions.”

Let’s dig into this.


How to Become a New Open Source Contributor


Becoming a new contributor to open source software is one of the biggest obstacles I watch people hit regularly.

I’ve seen a hundred false starts from recent grads and even people who have been working in tech for years. The obstacle is consistent, but the solution isn’t always simple.
