SiliconANGLE

Endor Labs launches with $25M to secure open-source code dependencies

Endor Labs, a software management platform that helps developers deal with software code dependencies, launched out of stealth mode today with $25 million in seed funding to help enterprise developers ...

The open source blind spot in our supply chains

Supply chain attacks are increasing in volume, but open source vulnerabilities continue relatively unnoticed.
TechRepublic

Open source code for commercial software applications is ubiquitous, but so is the risk

Open source code for commercial software applications is ubiquitous, but so is the risk Your email has been sent It was almost exactly one year ago that experts found ...
Forbes

The Hidden Risk Lurking In The Software Supply Chain: Transitive Open-Source Dependencies

Varun Badhwar is CEO & Co-Founder at Endor Labs. Previously, he built Prisma Cloud for Palo Alto Networks following the RedLock acquisition. Packages arriving late, stores out of stock or overstocked, ...
TechCrunch

Protestware on the rise: Why developers are sabotaging their own code

If combating attacks and hijackings of legitimate software on open source registries like npm weren’t challenging enough, app makers are increasingly experiencing the consequences of software ...
The Verge

Google’s open-source bug bounty aims to clamp down on supply chain attacks

Google has introduced a new vulnerability rewards program to pay researchers who find security flaws in its open-source software or in the building blocks that its software is built on. It’ll pay ...