Develop Secure Software logo

John P. Mello Jr.

John P. Mello Jr.
Freelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.

Recent Posts from John P. Mello Jr.

Software supply chain security practices are maturing — but it's a work in progress
March 20, 2023

Software supply chain security practices are maturing — but it's a work in progress

Experts weigh in on a new OpenSSF SLSA framework survey — and the overall state of supply chain security practices.
Read More
PyPI repo poisoned with "Colour-Blind" RAT
March 9, 2023

PyPI repo poisoned with "Colour-Blind" RAT

Here are the key takeaways from the Colour-Blind remote access trojan, with insights from supply chain security experts.
Read More
10 software supply chain attacks you can learn from
January 4, 2023

10 software supply chain attacks you can learn from

Supply chain attacks are surging — and no one is immune. That has CISOs and boards worried. Learn from these notable 2022 software supply chain attacks. 
Read More
GitHub repojacking attack: 10 lessons for software teams
November 23, 2022

GitHub repojacking attack: 10 lessons for software teams

Software supply chain attacks are on the rise because of their reach. Here are 10 valuable lessons from the recent GitHub namespace attack.
Read More
SBOMs in the SaaS era: 5 reasons why you should consider a SaaSBOM
November 8, 2022

SBOMs in the SaaS era: 5 reasons why you should consider a SaaSBOM

Here's why your organization should consider a SaaSBOM, as well as the essential challenges facing their implementation.
Read More
The state of CI/CD security: Upgrade your software supply chain tools to maintain velocity and security
October 26, 2022

The state of CI/CD security: Upgrade your software supply chain tools to maintain velocity and security

Modern software supply chain security depends on getting your tools right, and focusing on the end-to-end software development lifecycle. Here's what you need to maintain your software development and release and stay secure.
Read More

SUBSCRIBE

Subscribe to the develop.secure.software newsletter to stay up to speed, learn best practices and more.