Today more than 90% of software is built on open source packages. These packages may have unknown risks, such as security vulnerabilities, poorly maintained codebases and undesirable licenses. In the .NET ecosystem, these open source packages are usually managed via the NuGet package manager, although others, such as Paket, exist as well. What’s important to…
Continue ReadingSoftware Composition Analysis
Industry News
SOOS Community Edition is Totally Free!
SOOS’s new Community Edition is a totally free version of our software composition analysis (SCA) tool available to educational users and all developers working on open source projects. That’s FREE, as in beer. Free Vulnerability Scanner Now you can access the most practical and effective supply chain security tool available, at no cost. Identify and…
Continue ReadingSOOS Year in Review
We’ve had an exciting year at SOOS. We want to thank all of our customers for a great 2022, and an even better 2023!
Continue ReadingSBOMs to Be Required for Software Developers Who Do Business with the Federal Government
In May of 2021, the Biden Administration issued a new and aggressive mandate to all government agencies to ratchet up cybersecurity. As a result, we can expect to see an SBOM requirement for all software developers doing business with the Federal Government. EO 14028, The Executive Order Improving the Nation’s Cybersecurity, is a broad and…
Continue ReadingTop 5 Vulnerabilities in Software Development
Virtually all software development has some security risk, whether it is a result of insufficient testing, ignoring best practices, using open-source code with known vulnerabilities, or any combination of poor techniques. Unfortunately, these flaws persist and show up with increasing frequency in applications and operating systems every day. The goal of software professionals everywhere is…
Continue ReadingSoftware License Management Basics
Companies that use multiple software packages may not be using them to their full potential. Others might have expired licenses in their inventory. Both situations can cost money. Software license management procedures help businesses stay up to date with everything related to software licenses. SOOS wants you to understand the importance of software licensing as it…
Continue ReadingTop 10 Open Source Software Security Breaches
The programming world needs to cope with the continual rise of data breaches and coding vulnerabilities every year. Despite the sustained effort to perfect coding languages and programs, programmers will always fall on either side of the spectrum of good or bad, meaning that black-hat coders are constantly searching for weaknesses in software and systems….
Continue ReadingShould I Buy a Software Composition Analysis Tool?
The integration of open-source software into websites and applications allows for rapid deployment of new functionality and delivering on high-impact projects. While the benefits of using open-source software outweigh the risks, developers and companies cannot deny that risks exist, which is the reason for SCA tools. With OSS, the author is often unknown. As well,…
Continue ReadingChoosing the Right SCA Tool for Your Company
Software composition analysis is an essential piece of web development and application security. The growing dependency on such tools has created a crowded and competitive market niche, making it challenging for companies to select the right tool for their business. As an organization weighs the different features and capabilities of available tools, it must determine…
Continue ReadingUnderstanding Software Composition Analysis
Open source is a practical and necessary solution to building applications quickly. However, while OSS creates competitive advantages for market deployment, it also brings increased programming and security risks. The mitigation and remediation of security threats are the primary reasons companies turn to software composition analysis. What Is SCA (Software Composition Analysis)? Software composition analysis…
Continue Reading