Governance in Software Composition Analysis Governance in SCA solutions is an often overlooked yet extremely powerful feature set that can significantly improve a company’s supply chain security, and legal compliance. Governance or Governance Policies consist of the ability to create rules which restrict open source packages based on certain criteria. The result of running these…
Continue ReadingSoftware Solutions
Industry News
Fidelity says data breach exposed personal data of 77,000 customers
Internet Archive hacked, data breach impacts 31 million users
Water supplier American Water Works says systems hacked
Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links
SEC Charges SolarWinds and CISO with Fraud, Internal Control Failures
What is Software Composition Analysis?
Software is only as safe as the code used to build it. Today, more than 90% of all new software is built using open source code, which can contain unknown risks and dependencies. Software Composition Analysis is a critical tool in reducing risks with third party packages. SOOS’s Software Composition Analysis (SCA) tools mitigate this…
Continue Reading
SOOS Year in Review
We’ve had an exciting year at SOOS. We want to thank all of our customers for a great 2022, and an even better 2023!
Continue Reading
Top 5 Vulnerabilities in Software Development
Virtually all software development has some security risk, whether it is a result of insufficient testing, ignoring best practices, using open-source code with known vulnerabilities, or any combination of poor techniques. Unfortunately, these flaws persist and show up with increasing frequency in applications and operating systems every day. The goal of software professionals everywhere is…
Continue Reading
Software License Management Basics
Companies that use multiple software packages may not be using them to their full potential. Others might have expired licenses in their inventory. Both situations can cost money. Software license management procedures help businesses stay up to date with everything related to software licenses. SOOS wants you to understand the importance of software licensing as it…
Continue Reading
Node JS vs React JS: What’s the Difference?
Every internet user on the planet interacts with web applications built with React and Node JS. Both tools have helped foster the content people view on widescreen televisions, computer monitors, and smartphones. Knowing Node and React’s roles in the web application ecosystem gives developers a leg up in the software marketplace. Understanding the security issues…
Continue Reading
Software Industry Total Cost of Ownership
ROI is a primary concern for any enterprise undertaking, and enterprise software projects are no different. The total cost of ownership is a valuable input to an accurate ROI projection. Unfortunately, many businesses and IT leaders don’t take all the costs of the different options the software industry offers into consideration. Those oversights can lead…
Continue Reading
Software Security Audit Guide for Software Acquisition
Mergers and acquisitions are standard business practices; they allow companies to grow and obtain assets to increase competitiveness and their bottom line. However, while these contractual allegiances and alliances are primarily bureaucratic, the evolution of technology created addendums to standard protocols, including a software security audit. The evolution of technology and the dependence on software is…
Continue ReadingWhat Is CI/CD? The CI/CD Definition
Development teams require a pipeline for delivering frequent and reliable changes to applications. The continuous integration and continuous delivery pipeline, or CI/CD tools, provides developers with the necessary implementation methods. Continuous integration is a coding and management philosophy designed to permit the use of various tools and platforms while controlling repositories against changes. Primarily, CI…
Continue Reading
Should I Buy a Software Composition Analysis Tool?
The integration of open-source software into websites and applications allows for rapid deployment of new functionality and delivering on high-impact projects. While the benefits of using open-source software outweigh the risks, developers and companies cannot deny that risks exist, which is the reason for SCA tools. With OSS, the author is often unknown. As well,…
Continue Reading