SOOS’s new Community Edition is a totally free version of our software composition analysis (SCA) tool available to educational users and all developers working on open source projects. That’s FREE, as in beer.
Free Vulnerability Scanner
Now you can access the most practical and effective supply chain security tool available, at no cost. Identify and…
DevOps
Industry News
Comcast says hackers stole data of close to 36 million Xfinity customers
Biden-Harris Administration Announces National Cybersecurity Strategy
SEC Charges SolarWinds and CISO with Fraud, Internal Control Failures
Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links
Stop Passing the Buck on Cybersecurity
SOOS Year in Review
We’ve had an exciting year at SOOS. We want to thank all of our customers for a great 2022, and an even better 2023!
SBOMs to Be Required for Software Developers Who Do Business with the Federal Government
In May of 2021, the Biden Administration issued a new and aggressive mandate to all government agencies to ratchet up cybersecurity. As a result, we can expect to see an SBOM requirement for all software developers doing business with the Federal Government. EO 14028, The Executive Order Improving the Nation’s Cybersecurity, is a broad and…
Top 10 Open Source Software Security Breaches
The programming world needs to cope with the continual rise of data breaches and coding vulnerabilities every year. Despite the sustained effort to perfect coding languages and programs, programmers will always fall on either side of the spectrum of good or bad, meaning that black-hat coders are constantly searching for weaknesses in software and systems….
Coding Vulnerabilities and Preventions
Software vulnerabilities have existed since the advent of the internet. Errors, defects, bugs, and oversight give cybercriminals the advantage they need to steal data, hijack servers, or manipulate your systems. The more complex the technology, the more sophisticated the hackers’ techniques. The only way to thwart bad actors and secure your enterprise is to ensure…
Is Python More Secure Than Java?
Computer science involves the learning and understanding of complex and intricate programming languages to develop sophisticated and secure applications, allowing for automatic and integrated functions. Python and Java are among the most popular languages because of their extensive libraries and evolving operations. While both languages are effective tools for any gifted programmer, choosing the right…
Secure Code Development Guidelines
In 2020, data breaches affected 300.6 million people. Cyberattacks are the most common source of compromise. Many factors contribute to the prevalence of intrusions, including missing or insufficient security protocols, defects, bugs, and other vulnerabilities introduced through poor coding practices. Secure code guidelines for developers are best practices that not only help to prevent flaws…
A Simple Guide to Secure Coding Principles
Digital security professionals recommend implementing a series of secure coding principles to reduce opportunities for cyber theft, breaches, and attacks. Though specifics may vary, applying these expert-developed guidelines can drastically improve your company’s security and minimize the damage of breakthrough attacks.
Access Control
If you’re trying to optimize security, safelisting is the ideal approach to…
Secure Coding Basics
Despite a growing national and individual emphasis on digital security, cyberattacks continue to increase on a local and global level. As a result, developers have become increasingly overwhelmed by the necessity of creating and managing breach-proof code. Fortunately, it’s possible to achieve critical safety through basic security principles. Understanding what leads to insecure code, how…
The Best Secure Programming Practices
Nearly every organization gives secure programming practices lip service, but only an elite few make this goal a practical reality. Cyber predators never sit still. That harsh fact means that secure coding is a journey, not a destination. The best shops follow secure programming practices that building a reputation for shipping secure apps requires an…