anchore<p>When using open source software, YOU become the security supplier. </p><p>Discover how SCA scanning helps manage this responsibility and protect your applications from vulnerabilities like Log4j and XZ Utils: <a href="https://anchore.com/software-supply-chain-security/software-composition-analysis/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">anchore.com/software-supply-ch</span><span class="invisible">ain-security/software-composition-analysis/</span></a></p><p><a href="https://mstdn.business/tags/SoftwareCompositionAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareCompositionAnalysis</span></a> <a href="https://mstdn.business/tags/SCA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SCA</span></a> <a href="https://mstdn.business/tags/OpenSource" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>OpenSource</span></a></p>
mastodon.world is one of the many independent Mastodon servers you can use to participate in the fediverse.
Generic Mastodon server for anyone to use.
Administered by:
Server stats:
8.1Kactive users
mastodon.world: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.4.0
#softwarecompositionanalysis
0 posts · 0 participants · 0 posts today
anchore<p>With up to 90% of applications built on open source code, SCA tools are no longer optional—they're essential. </p><p>Learn how Software Composition Analysis protects your organization from supply chain vulnerabilities: <a href="https://anchore.com/software-supply-chain-security/software-composition-analysis/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">anchore.com/software-supply-ch</span><span class="invisible">ain-security/software-composition-analysis/</span></a></p><p><a href="https://mstdn.business/tags/SoftwareCompositionAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareCompositionAnalysis</span></a> <a href="https://mstdn.business/tags/SCA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SCA</span></a></p>
Pyrzout :vm:<p>Why software composition analysis is essential for open source security – Source: securityboulevard.com <a href="https://ciso2ciso.com/why-software-composition-analysis-is-essential-for-open-source-security-source-securityboulevard-com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/why-software-com</span><span class="invisible">position-analysis-is-essential-for-open-source-security-source-securityboulevard-com/</span></a> <a href="https://social.skynetcloud.site/tags/SoftwareCompositionAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareCompositionAnalysis</span></a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rssfeedpostgeneratorecho</span></a> <a href="https://social.skynetcloud.site/tags/SecurityBloggersNetwork" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityBloggersNetwork</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/EventsandWebinars" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EventsandWebinars</span></a> <a href="https://social.skynetcloud.site/tags/SecurityBoulevard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityBoulevard</span></a> <a href="https://social.skynetcloud.site/tags/ForresterSCAWave" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ForresterSCAWave</span></a> <a href="https://social.skynetcloud.site/tags/Forrester" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Forrester</span></a> <a href="https://social.skynetcloud.site/tags/SBOM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SBOM</span></a></p>
Antonio Francesco Sardella<p>Your CI/CD pipeline is vulnerable, but it's not your fault - Elad Pticha, Oreen Livni</p><p><a href="https://youtu.be/3dHZ-l3XSsE" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">youtu.be/3dHZ-l3XSsE</span><span class="invisible"></span></a></p><p><a href="https://infosec.exchange/tags/defcon32" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>defcon32</span></a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appsec</span></a> <a href="https://infosec.exchange/tags/applicationsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>applicationsecurity</span></a> <a href="https://infosec.exchange/tags/cicd" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cicd</span></a> <a href="https://infosec.exchange/tags/gha" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>gha</span></a> <a href="https://infosec.exchange/tags/github" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>github</span></a> <a href="https://infosec.exchange/tags/githubactions" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>githubactions</span></a> <a href="https://infosec.exchange/tags/sca" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sca</span></a> <a href="https://infosec.exchange/tags/softwarecompositionanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>softwarecompositionanalysis</span></a></p>
Pyrzout :vm:<p>Why you need an SBOM (Software Bill Of Materials) – Source: securityboulevard.com <a href="https://ciso2ciso.com/why-you-need-an-sbom-software-bill-of-materials-source-securityboulevard-com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/why-you-need-an-</span><span class="invisible">sbom-software-bill-of-materials-source-securityboulevard-com/</span></a> <a href="https://social.skynetcloud.site/tags/SoftwareCompositionAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareCompositionAnalysis</span></a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rssfeedpostgeneratorecho</span></a> <a href="https://social.skynetcloud.site/tags/SecurityBloggersNetwork" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityBloggersNetwork</span></a> <a href="https://social.skynetcloud.site/tags/SupplyChainSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SupplyChainSecurity</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/SecurityBoulevard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityBoulevard</span></a> <a href="https://social.skynetcloud.site/tags/SCA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SCA</span></a></p>
Pyrzout :vm:<p>Application Security Testing (AST) Explained – Source: securityboulevard.com <a href="https://ciso2ciso.com/application-security-testing-ast-explained-source-securityboulevard-com/" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">ciso2ciso.com/application-secu</span><span class="invisible">rity-testing-ast-explained-source-securityboulevard-com/</span></a> <a href="https://social.skynetcloud.site/tags/InteractiveApplicationSecurityTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InteractiveApplicationSecurityTesting</span></a> <a href="https://social.skynetcloud.site/tags/Applicationsecurityposturemanagement" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Applicationsecurityposturemanagement</span></a> <a href="https://social.skynetcloud.site/tags/dynamicapplicationsecuritytesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dynamicapplicationsecuritytesting</span></a> <a href="https://social.skynetcloud.site/tags/StaticApplicationSecurityTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>StaticApplicationSecurityTesting</span></a> <a href="https://social.skynetcloud.site/tags/applicationsecuritytestingtools" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>applicationsecuritytestingtools</span></a> <a href="https://social.skynetcloud.site/tags/SoftwareCompositionAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareCompositionAnalysis</span></a> <a href="https://social.skynetcloud.site/tags/ApplicationSecurityTesting" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>ApplicationSecurityTesting</span></a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>rssfeedpostgeneratorecho</span></a> <a href="https://social.skynetcloud.site/tags/SecurityBloggersNetwork" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityBloggersNetwork</span></a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurityNews</span></a> <a href="https://social.skynetcloud.site/tags/SecurityBoulevard" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityBoulevard</span></a></p>
Antonio Francesco Sardella<p><a href="https://stiankri.substack.com/p/manifest-confusion-in-pypi" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">stiankri.substack.com/p/manife</span><span class="invisible">st-confusion-in-pypi</span></a></p><p><a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>security</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/websecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>websecurity</span></a> <a href="https://infosec.exchange/tags/appsec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>appsec</span></a> <a href="https://infosec.exchange/tags/applicationsecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>applicationsecurity</span></a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>hacking</span></a> <a href="https://infosec.exchange/tags/python" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>python</span></a> <a href="https://infosec.exchange/tags/pypi" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>pypi</span></a> <a href="https://infosec.exchange/tags/manifestconfusion" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>manifestconfusion</span></a> <a href="https://infosec.exchange/tags/supplychain" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>supplychain</span></a> <a href="https://infosec.exchange/tags/dependencies" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>dependencies</span></a> <a href="https://infosec.exchange/tags/sca" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>sca</span></a> <a href="https://infosec.exchange/tags/softwarecompositionanalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>softwarecompositionanalysis</span></a></p>
InfoQ<p>⚠️ Beware of "alert fatigue" in your security processes!</p><p>Learn why integrating <a href="https://techhub.social/tags/SoftwareCompositionAnalysis" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SoftwareCompositionAnalysis</span></a> in your CI/CD pipeline is crucial for safeguarding your software from vulnerabilities: <a href="https://bit.ly/3LnT6Ci" rel="nofollow noopener" target="_blank"><span class="invisible">https://</span><span class="">bit.ly/3LnT6Ci</span><span class="invisible"></span></a> </p><p><a href="https://techhub.social/tags/InfoQ" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>InfoQ</span></a> article by Lukáš Křečan</p><p><a href="https://techhub.social/tags/Java" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Java</span></a> <a href="https://techhub.social/tags/SCA" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SCA</span></a> <a href="https://techhub.social/tags/CI" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CI</span></a> <a href="https://techhub.social/tags/CD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CD</span></a> <a href="https://techhub.social/tags/SecurityVulnerabilities" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityVulnerabilities</span></a></p>
TrendingLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload