Governance in Software Composition Analysis Governance in SCA solutions is an often overlooked yet extremely powerful feature set that can significantly improve a company’s supply chain security, and legal compliance. Governance or Governance Policies consist of the ability to create rules which restrict open source packages based on certain criteria. The result of running these…
Continue ReadingDevelopers
Industry News
Fidelity says data breach exposed personal data of 77,000 customers
Internet Archive hacked, data breach impacts 31 million users
Water supplier American Water Works says systems hacked
Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links
SEC Charges SolarWinds and CISO with Fraud, Internal Control Failures
What is Software Composition Analysis?
Software is only as safe as the code used to build it. Today, more than 90% of all new software is built using open source code, which can contain unknown risks and dependencies. Software Composition Analysis is a critical tool in reducing risks with third party packages. SOOS’s Software Composition Analysis (SCA) tools mitigate this…
Continue Reading
SOOS Year in Review
We’ve had an exciting year at SOOS. We want to thank all of our customers for a great 2022, and an even better 2023!
Continue Reading
ZAP vs. SOOS: Dynamic Application Security Testing Tool Comparison
OWASP’s ZAP is a free, open-source DAST scanner widely used by security professionals around the world to find web application vulnerabilities. SOOS’s DAST scanning abilities are built on ZAP’s foundations, but with added features that makes automated DAST scanning an affordable and seamless part of your software development cycle. SOOS makes it easy to add DAST to the…
Continue Reading
SOOS Joins The DigitalOcean Wave
DigitalOcean is a cloud computing platform that makes it easy for developers, startups, and SMBs to build and deploy applications at scale. The large tech titans (Amazon, Google, Microsoft) dominate the enterprise market, but DigitalOcean has found its mission and market niche by focusing on the needs of SMBs. DigitalOcean’s platform is known for its simplicity,…
Continue Reading
Top 5 Vulnerabilities in Software Development
Virtually all software development has some security risk, whether it is a result of insufficient testing, ignoring best practices, using open-source code with known vulnerabilities, or any combination of poor techniques. Unfortunately, these flaws persist and show up with increasing frequency in applications and operating systems every day. The goal of software professionals everywhere is…
Continue Reading
Node JS vs React JS: What’s the Difference?
Every internet user on the planet interacts with web applications built with React and Node JS. Both tools have helped foster the content people view on widescreen televisions, computer monitors, and smartphones. Knowing Node and React’s roles in the web application ecosystem gives developers a leg up in the software marketplace. Understanding the security issues…
Continue Reading
How To Make a Git Checkout File
As a DevOps tool, Git is an open-source version control system used in the development of small and large-scale projects. The system is favored among developers for its speed and efficiency, allowing programmers to track changes through a nonlinear development process, including accessing a git checkout file from another branch. The system allows DevOps teams to explore the…
Continue Reading
Git Branch Guide and Git Best Practices
Pioneered by Linux creator Linus Torvalds, Git ranks with caffeine as a software development essential. Git is a version control system that preserves a comprehensive record of the code in an application at all time points. With Git, each team member has a local repository and a full history with it. The Git system fosters…
Continue Reading
Top 10 Open Source Software Security Breaches
The programming world needs to cope with the continual rise of data breaches and coding vulnerabilities every year. Despite the sustained effort to perfect coding languages and programs, programmers will always fall on either side of the spectrum of good or bad, meaning that black-hat coders are constantly searching for weaknesses in software and systems….
Continue Reading