Guides
Protect AI models, data, and systems
Test for behavioral risks in conversational AI
Mitigating risks and future trends
AppSec types, tools, and best practices
Automating dependency updates
Manage open source code
Keep source code safe
Improve transparency, security, and compliance
Pre-production scanning and runtime protection
Secure containerized applications
Comparing Docker Images To Docker Containers
Learn the differences between Docker images and containers. Understand how Docker revolutionizes containerization technology.
Apache Struts Vulnerabilities Pose ‘Stay or Go’ Question
Stay informed about the latest Apache Struts vulnerabilities and the ongoing debate of whether to continue using the framework or migrate off it.
Get to know Mend Merge Confidence Feature
Introducing Mend Merge Confidence, a feature to save time and reduce risk in updating dependencies. Learn how it works and more.
What Is CVSS v3.1? Understanding The New CVSS
Learn about the Common Vulnerability Scoring System (CVSS) v3.1 & how it measures severity, not risk, in assessing security vulnerabilities.
White Box Testing Guide
Learn about White Box Testing in software development with this comprehensive guide. Understand the types, techniques, tools, and advantages.
Top 8 BSD License’s Questions Answered
Get answers to the top 8 BSD License questions in this blog. Learn about the terms, compatibility with GPL, copyleft status, and more.
SCA vs SBOM: Getting Started With Software Composition Analysis
Top tips for starting with a software composition analysis solution. Build a team, set goals beyond scanning, understand the data model, make policies work, start small.
Open Source Copyleft Licenses: All You Need to Know
All you need to know about Open Source Copyleft Licenses. Learn about the history, benefits, and considerations of using copyleft licenses.
How to Expose Ports in Docker
Learn how to expose ports in Docker with different networking rules. Understand the differences between EXPOSE, --expose, -P, and -p flags.
Be Wise — Prioritize: Software Security Vulnerability Prioritization
Learn how to prioritize software security vulnerabilities effectively to ensure your team is addressing the most urgent threats first.
Eclipse SW360: Main Features
Learn about the main features of Eclipse SW360, an open source tool to manage software components.
Top 10 Common Development and Distribution License Questions Answered
Get answers to the top 10 Common Development and Distribution License questions. Learn about CDDL terms, compatibility, and more.
Using Go Modules for Golang Dependency Management
Learn how to use Go Modules for efficient Golang dependency management. Simplify package management, updating, and removal in your Go apps.
Why Manually Tracking Open Source Components Is Futile
Learn why manually tracking open source components is futile and how automation through software composition analysis can help manage licenses.
Black Box Testing: What You Need to Know
Learn all about black box testing in application security & quality assurance. Discover techniques, tools, and more.
Choosing the Right SCA Solution: 7 Questions That Actually Matter
Discover the top 7 questions to ask when evaluating a Software Composition Analysis solution for managing open source components.