Vulnerability Remediation: A Practical Guide
Understand the difference between vulnerability remediation and mitigation. Discover tools and an organizational process that can help you remediate vulnerabilities.
Read about application security, DevSecOps, open source license compliance and audit
WhiteSource security analyzed the possible impact of a newly discovered RubyGems vulnerability that uses cache poisoning to implement an unauthorized takeover of new gem versions.
The WhiteSource security team blocked a malicious npm package that uses a novel approach to disguise and execution.
Using data from Diffend, the WhiteSource research team conducted an impact analysis of a recent critical CVE disclosed for RubyGems.
As new threats in software development arise almost daily, attackers increasingly are targeting the software supply chain. CI/CD pipelines streamline the process of transforming raw materials and resources into a completed product and facilitate its delivery to the end customer. These raw materials come from numerous sources in the software supply chain, many of which...
Learn about the NIST C-SCRM program, its approach to supply chain security, and 4 critical best practices NIST recommends to secure your digital supply chains.
In today’s digital world, open-source software is vital to modern application development. And as we know, what’s important to the business world is important to threat actors. But how can companies successfully combat the rising tide of vulnerabilities? Join experts from WhiteSource and Microsoft as they discuss the value of blending proactive practices to code...
Discover why cybersecurity will be a hot topic at KubeCon 2022. Learn why standard vulnerability scoring is no longer sufficient, and find out why priority scoring is the future of vulnerability management.
WhiteSource’s Diffend identified, blocked, and reported two malicious packages that may indicate a new takeover method that targets packages of a well-known origin.
“As DevOps continues to gain popularity for rapid delivery and innovation of IT-enabled capabilities, concerns about security increase. Security and risk management leaders must adapt security tools, processes and policies to the DevOps toolchain without slowing the development and release process.” Download this report from Gartner to read their recommendations on how to: Work in...
Learn how vulnerability assessment tools work, key features and capabilities, and discover five great tools that can help you scan and remediate vulnerabilities.
Daniel Elkabes, lead security researcher at WhiteSource, sat down with CyberNews to discuss security best practices for addressing threats.