Software is only as safe as the code used to build it. Today, more than 90% of all new software is built using open source code, which can contain unknown risks and dependencies. Software Composition Analysis is a critical tool in reducing risks with third-party packages. SOOS’s Software Composition Analysis (SCA) tools mitigate this…
Open Source
SOOS Year in Review
We’ve had an exciting year at SOOS. We want to thank all of our customers for a great 2022, and an even better 2023!
SBOM 101: What is an SBOM? Why are they important?
SBOM stands for “software bill of materials.” At its simplest level, an SBOM is a list of “ingredients” that describes the components in a software application. More precisely (per the NTIA), an SBOM is a “complete, formally structured list of components, libraries and modules that are required to build a given piece of software…
SOOS Joins The DigitalOcean Wave
DigitalOcean is a cloud computing platform that makes it easy for developers, startups, and SMBs to build and deploy applications at scale. The large tech titans (Amazon, Google, Microsoft) dominate the enterprise market, but DigitalOcean has found its mission and market niche by focusing on the needs of SMBs. DigitalOcean’s platform is known for its simplicity,…
Top 5 Vulnerabilities in Software Development
Virtually all software development has some security risk, whether it is a result of insufficient testing, ignoring best practices, using open-source code with known vulnerabilities, or any combination of poor techniques. Unfortunately, these flaws persist and show up with increasing frequency in applications and operating systems every day. The goal of software professionals everywhere is…
Software License Management Basics
Companies that use multiple software packages may not be using them to their full potential. Others might have expired licenses in their inventory. Both situations can cost money. Software license management procedures help businesses stay up to date with everything related to software licenses. SOOS wants you to understand the importance of software licensing as it…
Node JS vs React JS: What’s the Difference?
Every internet user on the planet interacts with web applications built with React and Node JS. Both tools have helped foster the content people view on widescreen televisions, computer monitors, and smartphones. Knowing Node and React’s roles in the web application ecosystem gives developers a leg up in the software marketplace. Understanding the security issues…
How To Make a Git Checkout File
As a DevOps tool, Git is an open-source version control system used in the development of small and large-scale projects. The system is favored among developers for its speed and efficiency, allowing programmers to track changes through a nonlinear development process, including accessing a git checkout file from another branch. The system allows DevOps teams to explore the…
Git Branch Guide and Git Best Practices
Pioneered by Linux creator Linus Torvalds, Git ranks with caffeine as a software development essential. Git is a version control system that preserves a comprehensive record of the code in an application at all time points. With Git, each team member has a local repository and a full history with it. The Git system fosters…
Top 10 Open Source Software Security Breaches
The programming world needs to cope with the continual rise of data breaches and coding vulnerabilities every year. Despite the sustained effort to perfect coding languages and programs, programmers will always fall on either side of the spectrum of good or bad, meaning that black-hat coders are constantly searching for weaknesses in software and systems….
Improve Your Software Security With SOOS SCA
Today, almost every business and organization relies on various software packages for most business functions. Your company’s finances and data, along with that of your vendors and clients, reside on your servers, and you are responsible for taking precautions to keep that data safe. Although some of your software may be proprietary, the chances are…
Hidden Backdoors Leading to JavaScript Vulnerabilities
In 1845, Edgar Allan Poe wrote “The Purloined Letter”, a tale of a blackmailer who confounded police by hiding a letter in plain sight. Nearly two centuries later, a real-life generation of predators may use a similar technique to exploit JavaScript vulnerabilities. Understanding the method begins with a look at how text read by billions…