The initiative, called Project Lightwell, seeks to create a "clearinghouse" for open source security, establishing a model ...

Join the event trusted by enterprise leaders for nearly two decades. VB Transform brings together the people building real enterprise AI strategy. Learn more Today, software supply chain security ...

The average software application depends on more than 500 open source libraries and components, up 77% from 298 dependencies in two years, highlighting the difficulty of tracking the vulnerabilities ...

WhiteSource, a platform that companies such as Microsoft, IBM, and Comcast use to secure their open source software components, has raised $75 million in a series D round of funding. Founded in 2011, ...

The idea of a lone programmer relying on their own genius and technical acumen to create the next great piece of software was always a stretch. Today it is more of a myth than ever. Competitive market ...

The Linux Foundation and Harvard's Lab for Innovation Science this week released the rankings of the top 500 open source projects in two major ecosystems in the first step toward cataloging the ...

OpenText, The Information Company, is debuting OpenText Debricked Open Source Select, a solution aimed toward helping developers select the right open source components that align with company intake ...

Starts with OpenTitan “root-of-trust” components ...

Maury Cupitt, regional vice president of sales engineering at Sonatype, said government agencies should understand the importance of visibility and automation in the detection and mitigation of risks ...

White House and OMB initiatives are driving security concerns around open source because while it is a powerful tool, it needs to be managed effectively, our expert writes. Against a backdrop of ...

The security of open source software remains a concern with developers who are taking longer to fix vulnerabilities as they combine open source components with their own code when building ...

Software composition analysis (SCA) refers to obtaining insight into what open-source components and dependencies are being used in your application, and how—all in an automated fashion. This process ...