software vulnerability | Revenera Blog

How the U.S. Executive Order Is Shaping the Software Supply Chain Going Forward

Early in December of 2021, the international cybersecurity community mobilized in response to the discovery of the Log4J vulnerability. This critical vulnerability was within the logging librar…

July 11, 2022 Kendra Morton

June Newsletter: The Latest Buzz in Software Composition Analysis Professional Services

In The News Software Composition Analysis Certification for Legal Professionals Log4j: Come out, come out wherever you are! Spring4Shell: Deep breath. Don’t panic. Mitigate. Field Notes: Understanding…

June 15, 2022 Michael Lelchuk

Spring4Shell: Deep breath. Don’t panic. Mitigate.

Development and security teams, software creators, and companies alike were hit once again with another vulnerability when news made its way online of a disclosure of a PoC for an unauthenticated zero…

April 4, 2022 Kendra Morton

The story behind colors.js and faker.js

The bizarre case of the author who corrupted his own npm packages – colors.js and faker.js. Originally reported by Bleeping Computer on Jan 9th the author of npm packages colors.js and faker.js…

February 9, 2022 Marcus Lucero

Software supply-chain vulnerabilities: A close look on code

Vulnerabilities that affect the supply chain of software and its distribution are easily among the most terrifying experiences any company involved must endure. Such vulnerabilities typically affect a…

December 15, 2021 Lars Wiebusch

What you need to know about the Log4j security vulnerability

If you’re not scrambling to contain and fix this vulnerability, do so now. It’s a doozy folks! Every organization using third-party software or developing custom applications with the Java programming…

December 13, 2021 Kendra Morton

When is the right time to conduct an open source audit?

No matter what industry you are in, your company’s code most definitely contains code from someone else. Today’s software is not written from scratch, but rather assembled from parts. Th…

November 22, 2021 Michael Lelchuk

How developers can drive open source compliance

Perhaps you’ve seen the delightfully clever new ad for the iPhone and Apple Watch integration, in which a farmer taps a button on his watch that then signals his phone, lost in a huge haystack, to bee…

September 20, 2021 Kendra Morton

Will your customers want proof of a secure software supply chain?

A little more than a week before the Colonial Pipeline attack, two government agencies issued an overview and guidance on how software buyers and vendors could identify, assess and mitigate software s…

June 24, 2021 Kendra Morton

The New Cybersecurity Executive Order: 2021 is the Year of the SBoM

Back in February my colleague Alex Rybak posted a blog titled 2021 Will Be the Year of the Automated Software Bill of Materials. Well, yesterday, in an executive order signed by President Biden, that …

May 13, 2021 Kendra Morton

Tag: software vulnerability

How the U.S. Executive Order Is Shaping the Software Supply Chain Going Forward

June Newsletter: The Latest Buzz in Software Composition Analysis Professional Services

Spring4Shell: Deep breath. Don’t panic. Mitigate.

The story behind colors.js and faker.js

Software supply-chain vulnerabilities: A close look on code

What you need to know about the Log4j security vulnerability

When is the right time to conduct an open source audit?

How developers can drive open source compliance

Will your customers want proof of a secure software supply chain?

The New Cybersecurity Executive Order: 2021 is the Year of the SBoM

Topics

Tweets by Revenera

Archive

Install

Protect

Monetize

Resources

About Us