The Apache Log4j vulnerability has been making global headlines since it became public on 9th December 2021. The report stated that the vulnerability affects Apache log4j between versions 2.0 and 2.14.1 and is independent of the underlying JDK version. It was a full-blown security meltdown that resulted in hackers performing remote code executions and affected digital systems across the globe. In response, Apache implemented patch fixes, but some components remained unattended.

SBOM is the acronym for Software Bill of Materials, which is a list of all the open source npm packages that are part of your project. But it’s not only limited to open source or software packages, and can include operating system libraries, microservices inventory and more.

ServiceNow’s biggest event of the year — Knowledge 2023 — is here, and Snyk is excited to be a part of it with some big news! Back in January, we announced Snyk Security for Application Vulnerability Response to bring Snyk Open Source software composition analysis to ServiceNow Security Operations.

Last week, the godfather of AI, Geoffrey Hinton smashed the glass and activated the big red AI alarm button warning all of us about creating a world where we won’t “be able to know what is true anymore”. What’s happening now with everything AI makes all the other tech revolutions of the past 40 plus years seem almost trivial.

Agreement between Synopsys and ReversingLabs delivers comprehensive software supply chain risk management solution.

With all the cybersecurity benefits an SBOM offers, it’s a wonder they weren’t used in the software development life cycle long ago. Today, the need for SBOMs has grown more urgent because open source has become a core part of modern software development. At least one report finds that 75% of all codebases audited were composed of open-source components with known security vulnerabilities.