Blog

Explore the latest trends in software security. Our blog features contributions from industry experts, Dependency-Track developers, and passionate users like you.
Security
With the explosion of software building blocks, including code generated by LLMs like ChatGPT, it is increasingly important for companies to understand the supply chain for software that they build, buy or use. This is because any modern software product is composed of hundreds of components, some of which may have questionable origins and add […]
Security
Today’s software offerings are constructed from a plethora of home-grown, open-source, purchased and AI-generated code. Assessing the vulnerability risk in each of these components is common practice in DevSecOps processes, but it’s becoming increasingly apparent that the combination of, and interdependencies between, these components often create intolerable risk that standard vulnerability practices do not expose. […]
Security
Software Bills of Materials (#sboms) provide producers and consumers of software with transparent information on the components, and their interdependencies, within a software package. SBOMs have emerged as essential to managing security risk and licensing within today’s applications. Managing software security and licensing without SBOMs was hardly possible. Think of the pain that many organizations suffered […]