John P. Mello Jr.

John P. Mello Jr.
Freelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.

Recent Posts from John P. Mello Jr.

September 14, 2022

OpenSSF's npm best practices: A solid first step for software supply chain security — but trust issues remain

Here's what you need to know about the new OpenSSF npm security best practices.
September 6, 2022

The SBOM is evolving: 4 key trends that will boost software supply chain security

Software bills of materials will never be a panacea for software supply chain security. Here are key trends that will deliver some welcome evolution, however.
August 26, 2022

5 reasons to stop blaming developers for software security fails

It's counterproductive to blame developers for software security woes. Here are five reasons why.
August 18, 2022

6 reasons app sec teams should shift gears and go beyond legacy vulnerabilities

With software supply chain attacks surging, app sec teams should shift gears from legacy vulnerabilities to open-source repos, dev tools, and tampering.
August 12, 2022

NVD Analysis 2022: Why you need to modernize your software security approach

The NVD as it is today does not tell the full story of software risk. Here's why the NVD — and your software security approach — need to be modernized.
August 2, 2022

OpenSSF's open source security mobilization initiative: Inside the 10-point action plan

Here is a run-down of the 10 streams from OpenSSF's Open Source Software Security Mobilization Plan.