Governance in Software Composition Analysis Governance in SCA solutions is an often overlooked yet extremely powerful feature set that can significantly improve a company’s supply chain security, and legal compliance. Governance or Governance Policies consist of the ability to create rules which restrict open source packages based on certain criteria. The result of running these…
Continue ReadingSBOMs
Industry News
Comcast says hackers stole data of close to 36 million Xfinity customers
Biden-Harris Administration Announces National Cybersecurity Strategy
SEC Charges SolarWinds and CISO with Fraud, Internal Control Failures
Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links
Stop Passing the Buck on Cybersecurity
SOOS Year in Review
We’ve had an exciting year at SOOS. We want to thank all of our customers for a great 2022, and an even better 2023!
Continue ReadingSBOM 101: What is an SBOM? Why are they important?
SBOM stands for “software bill of materials.” At its most simplistic level, an SBOM is a list of “ingredients” that describes the components in a software application. More precisely (per the NTIA), a SBOM is a “complete, formally structured list of components, libraries and modules that are required to build a given piece of software…
Continue ReadingSBOMs to Be Required for Software Developers Who Do Business with the Federal Government
In May of 2021, the Biden Administration issued a new and aggressive mandate to all government agencies to ratchet up cybersecurity. As a result, we can expect to see an SBOM requirement for all software developers doing business with the Federal Government. EO 14028, The Executive Order Improving the Nation’s Cybersecurity, is a broad and…
Continue ReadingThe Executive Order on Improving the Nation’s Cybersecurity is a Game-Changer. Get Ready.
On May 12, 2021, President Biden issued the “Executive Order on Improving the Nation’s Cybersecurity (14028).” It’s a game-changing piece of legislation. And, like a lot of federal policy, it’s dense and hard to read, often raising as many questions as it answers. This order is frequently referred to as the Executive Order on Cybersecurity….
Continue ReadingSOOS Partners with RKVST
It’s been a year since US President Joe Biden issued Executive Order 14028, “Improving the Nation’s Cybersecurity”, published after the SolarWinds attack (one of the worst data breaches in the last decade). The executive order provides a set of requirements as well as a timeline for strengthening the security of the apps built and used by…
Continue Reading