Synopsys has introduced Black Duck Supply Chain Edition, a software composition analysis (SCA) package that helps organizations mitigate upstream risk in software supply chains, including from AI code ...

PALO ALTO, CA (March 1, 2023) – Endor Labs, creators of the Dependency Lifecycle Management platform helping development and security teams maximize the use of open source software (OSS), have ...

All companies i depend upon business to business software applications to enhance operations, creating a broad range of risks in the process. These risks include security, availability, recoverability ...

The popular Java library for logging error messages in applications is one of the most deployed pieces of open-source software (OSS). But it wasn’t until December ...

Malicious campaigns targeting code used by developers of AI applications underscore the need to develop comprehensive risk-based programs around software dependencies and components. Widespread flaws ...

Generative artificial intelligence (GenAI) might be good at drafting business emails, but it is dangerously bad at writing software code. Malicious actors are exploiting AI-fabricated software ...

The modern economy means that new business ideas must be expressed in some kind of digital form to realise success. This digital transformation has led to a huge growth in custom development within ...

Integrated development environments (IDEs) have become increasingly popular in the age of generative AI, but security experts warn they carry hidden risks that must be addressed as attacks on software ...