Develop Secure Software logo
GitHub Copilot’s ML ‘Code Brushes’: Ready for a Bob Ross ‘happy little accident’?
January 18, 2023

GitHub Copilot’s ML ‘Code Brushes’: Ready for a Bob Ross ‘happy little accident’?

Machine learning can be a cognitive crutch, causing code vulnerabilities. Use with extreme caution!
Read More
Supply chain security and compliance: Why software organizations should get out in front of requirements
January 18, 2023

Supply chain security and compliance: Why software organizations should get out in front of requirements

Get out in front of software supply chain compliance requirements for a competitive advantage. Here's what your software organization needs to know.
Read More
The CircleCI hack is a red flag for security teams on software supply chain risk
January 17, 2023

The CircleCI hack is a red flag for security teams on software supply chain risk

Security teams should consider consider software supply chain risk through a new lens after the latest CircleCI incident.
Read More
If you don't love me now: JsonWebToken breaks the software supply chain (again)
January 11, 2023

If you don't love me now: JsonWebToken breaks the software supply chain (again)

The JsonWebToken library has a serious flaw — providing yet another example of the risks in uncontrolled software supply chains.
Read More
PyTorch supply chain attack: Dependency confusion burns DevOps
January 4, 2023

PyTorch supply chain attack: Dependency confusion burns DevOps

The PyTorch open source software supply chain was compromised by a hacker publishing a malicious torchtriton clone on PyPI. Here's the craic.
Read More
10 software supply chain attacks you can learn from
January 4, 2023

10 software supply chain attacks you can learn from

Supply chain attacks are surging — and no one is immune. That has CISOs and boards worried. Learn from these notable 2022 software supply chain attacks. 
Read More

SUBSCRIBE

Subscribe to the develop.secure.software newsletter to stay up to speed, learn best practices and more.