Read research reports about application security, DevSecOps, open source license compliance and audit
“The latest Gartner report recommends that security and risk management leaders adopt a composable view of application security. They should focus on orchestrating multiple application security innovations to serve as a coherent defense, rather than relying on a set of stand-alone products.” Download this report from Gartner to learn: The different application security tools that...
Application security teams face myriad challenges in 2022. Applications are once again the number one way in for malicious actors, and software supply chain vulnerabilities continue to climb. To move forward effectively, security professionals need to find a way to move beyond a tactical and reactive mindset to rebuild an application security that integrates tightly...
What’s in the report? Learn how the most popular JavaScript package manager – npm – is being used by malicious actors to launch attacks, run botnets, and steal credentials and crypto. Why should you care about malicious npm activity? JavaScript is the most commonly used programming language globally, and 68% of developers depend upon it...
As AppSec practices continue to shift left into development, the task of ensuring that open source libraries are up-to-date and vulnerability-free falls on developers’ shoulders -- and it is quite a task. In order to gain a better understanding of the process of open source vulnerability management, our Knowledge Team analyzed vulnerable npm packages, checking the CVE publication date and comparing it to the release date of the vulnerabilities’ fix.
What’s in the report? Find out how the top 10 SCA vendors rank and why Forrester named WhiteSource a leader in their Software Composition Analysis Wave™ Report, Q3 2021. Why should Software Composition Analysis matter to you? Forrester reports that open source components made up 75% of all code bases in 2020, up from 36%...
Mend Annual Report Open Source Vulnerabilities 2021
Whitesource Ponemon Research Report: "Reducing Enterprise Application Security Risks"
Mend Report - DevSecOps Insights 2020
WhiteSource Report - Developers Are Taking Over AppSec