Grayson Milbourne is a security intelligence director at OpenText Cybersecurity.
use open-source code and 90% of companies across industries are applying or using it in their operations. The collaborative, accessible and time-saving nature of open-source software has been tremendous for developing and innovating the technology we rely on every day, but it is not without serious cybersecurity risks.
This is important because new vulnerabilities in open-source packages are frequently discovered, and threat actors routinely look for widely used software components to attack. Log4j is a popular open-source Java logging component that was actively exploited by attackers and had the potential to impact millions of consumer products, enterprise software and web applications.
There are plenty of excellent open-source tools that can produce an SBOM for you, such as Syft, Trivy, BOM and CycloneDX, as well as other commercial service providers. A little research will go a long way in finding the right fit for your needs. While researching your options and getting started with implementing an SBOM, here are a few important considerations:
2. SBOMs should be added to new software acquisition processes. The additional context they provide can help you make smarter decisions. For example, there are often several vendor solutions for a given application. SBOM analysis can highlight which solutions are dependent on open-source components as well as their dependencies. A vendor's support for SBOMs could alone be a deciding factor.
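As an added illustration of the SBOM analysis described above (this code is not from the article or from any of the tools it names), the sketch below walks the dependency graph of a CycloneDX-style JSON SBOM and reports whether a named component, here log4j-core, is present and through which chain of dependencies it is pulled in. The SBOM content, the product and library names other than log4j-core, all versions, and the function names are constructed for the example.

```python
import json

# Constructed CycloneDX-style SBOM for a hypothetical vendor product.
# All names and versions are sample values, not real release data.
SBOM = json.loads("""
{"bomFormat": "CycloneDX", "specVersion": "1.5",
 "metadata": {"component": {"bom-ref": "app", "name": "vendor-app", "version": "3.1.0"}},
 "components": [
  {"bom-ref": "web", "name": "web-framework", "version": "5.2.0"},
  {"bom-ref": "audit", "name": "audit-lib", "version": "1.4.0"},
  {"bom-ref": "json", "name": "json-parser", "version": "2.9.0"},
  {"bom-ref": "l4j", "name": "log4j-core", "version": "0.0.0-sample"}],
 "dependencies": [
  {"ref": "app", "dependsOn": ["web", "json"]},
  {"ref": "web", "dependsOn": ["audit"]},
  {"ref": "audit", "dependsOn": ["l4j"]}]}
""")


def dependency_paths(sbom, target_name):
    """Return every chain of component names from the SBOM root to target_name."""
    names = {c["bom-ref"]: c["name"] for c in sbom.get("components", [])}
    root = sbom["metadata"]["component"]
    names[root["bom-ref"]] = root["name"]
    graph = {d["ref"]: d.get("dependsOn", []) for d in sbom.get("dependencies", [])}
    paths = []

    def walk(ref, chain):
        if ref in chain:  # guard against cycles in a malformed graph
            return
        chain = chain + [ref]
        if names.get(ref) == target_name:
            paths.append([names.get(r, r) for r in chain])
            return
        for child in graph.get(ref, []):
            walk(child, chain)

    walk(root["bom-ref"], [])
    return paths


def exposure(sbom, target_name):
    """Summarise whether and how the product depends on target_name."""
    listed = [c for c in sbom.get("components", []) if c["name"] == target_name]
    paths = dependency_paths(sbom, target_name)
    return {"versions": sorted({c.get("version", "?") for c in listed}),
            "direct": any(len(p) == 2 for p in paths),
            "paths": paths,
            "unlinked": bool(listed) and not paths}  # listed, but absent from the graph
```

A result with `unlinked` set means the SBOM lists the component but gives no dependency edges for it, so the chain cannot be determined from the SBOM alone.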