SOOS’s new Community Edition is a totally free version of our software composition analysis (SCA) tool available to educational users and all developers working on open source projects. That’s FREE, as in beer. Free Vulnerability Scanner Now you can access the most practical and effective supply chain security tool available, at no cost. Identify and…
Continue ReadingOpen Source Software
Industry News
Fidelity says data breach exposed personal data of 77,000 customers
Internet Archive hacked, data breach impacts 31 million users
Water supplier American Water Works says systems hacked
Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links
SEC Charges SolarWinds and CISO with Fraud, Internal Control Failures
SOOS Year in Review
We’ve had an exciting year at SOOS. We want to thank all of our customers for a great 2022, and an even better 2023!
Continue Reading
SBOM 101: What is an SBOM? Why are they important?
SBOM stands for “software bill of materials.” At its most simplistic level, an SBOM is a list of “ingredients” that describes the components in a software application. More precisely (per the NTIA), a SBOM is a “complete, formally structured list of components, libraries and modules that are required to build a given piece of software…
Continue Reading
Software License Management Basics
Companies that use multiple software packages may not be using them to their full potential. Others might have expired licenses in their inventory. Both situations can cost money. Software license management procedures help businesses stay up to date with everything related to software licenses. SOOS wants you to understand the importance of software licensing as it…
Continue Reading
Software Industry Total Cost of Ownership
ROI is a primary concern for any enterprise undertaking, and enterprise software projects are no different. The total cost of ownership is a valuable input to an accurate ROI projection. Unfortunately, many businesses and IT leaders don’t take all the costs of the different options the software industry offers into consideration. Those oversights can lead…
Continue Reading
Software Security Audit Guide for Software Acquisition
Mergers and acquisitions are standard business practices; they allow companies to grow and obtain assets to increase competitiveness and their bottom line. However, while these contractual allegiances and alliances are primarily bureaucratic, the evolution of technology created addendums to standard protocols, including a software security audit. The evolution of technology and the dependence on software is…
Continue Reading
Top 10 Open Source Software Security Breaches
The programming world needs to cope with the continual rise of data breaches and coding vulnerabilities every year. Despite the sustained effort to perfect coding languages and programs, programmers will always fall on either side of the spectrum of good or bad, meaning that black-hat coders are constantly searching for weaknesses in software and systems….
Continue Reading
NodeBB Open Source Software Vulnerabilities
As a software service, NodeBB supports either a PostgreSQL, Redis, or MongoDB database that facilitates web sockets for real-time notifications and interactions between users. The software allows for real-time discussions and mobile interactions while also providing an original forum format for users. NodeBB contains certain functionalities, while additional integrations can be accomplished through external plugins…
Continue Reading
How To Scan Docker Images for Vulnerabilities
For any software development project, it is essential that the components of the software are not susceptible to any vulnerabilities. The case is no different when working in Docker, where images should be checked for vulnerabilities before being uploaded to Docker Hub or another registry. To take advantage of Docker’s benefits, learn about its containerized…
Continue Reading
Apache vs MIT License
Most people use some kind of software every day, whether they are developers, end-users, or somewhere in between. The average end-user doesn’t care what a software license is or what kind of license they use, but its license permissions and restrictions govern developers’ use of open-source software. In turn, developers must license the software they…
Continue Reading