Develop Secure Software logo
U.S., OpenSSF school dev teams on supply chain security
September 8, 2022

U.S., OpenSSF school dev teams on supply chain security

The U.S. government is sending developers back to school with a new document. But, oh my, what a lot of words.
Read More
Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world
September 7, 2022

Enduring Security Framework's software supply chain guidelines: A roadmap for the post-SolarWinds world

The new guidance codifies lessons from the SolarWinds hack, including for securing third-party code and development pipelines. Here are four key takeaways.
Read More
The SBOM is evolving: 4 key trends that will boost software supply chain security
September 6, 2022

The SBOM is evolving: 4 key trends that will boost software supply chain security

Software bills of materials will never be a panacea for software supply chain security. Here are key trends that will deliver some welcome evolution, however.
Read More
LastPass hacked (again): What devs can learn
August 31, 2022

LastPass hacked (again): What devs can learn

In the most recent LastPass hack, bad actors stole source code and other secrets from its dev environment. Learn from it.
Read More
New malicious packages in PyPI: What it means for securing open source repositories
August 29, 2022

New malicious packages in PyPI: What it means for securing open source repositories

After a recent discovery of malicious PyPI packages, questions remain about the security community’s ability to mitigate threats posed to open source repositories.
Read More
5 reasons to stop blaming developers for software security fails
August 26, 2022

5 reasons to stop blaming developers for software security fails

It's counterproductive to blame developers for software security woes. Here are five reasons why.
Read More

SUBSCRIBE

Subscribe to the develop.secure.software newsletter to stay up to speed, learn best practices and more.