Software Supply Chain Security: A Guide
Software supply chain security is critical because software is an integral part of the ability to execute daily business functions. Read this guide for an overview of supply chain risks and how to address them.
What is Software Composition Analysis (SCA): A Guide
This comprehensive guide explains how Software Composition Analysis (SCA) works, security issues to consider, and what to look for in an SCA provider.
Vulnerability Exploitability eXchange (VEX): A Guide
VEX is a machine-readable artifact that contains product and vulnerability details. It can also be considered a form of security advisory that provides context on whether a component present in a product or products is affected by one or many vulnerabilities. It can easily integrate with existing tools and can be shared for use.
Vulnerability Patching: A Guide
Vulnerability patching is the short-term implementation of patches, which are pieces of code added to existing software to improve functionality or to remove vulnerabilities that have been...
Attack Surface Management: A Guide
Attack Surface Management (ASM) is the ongoing discovery, inventory, classification, prioritization, and security monitoring of an organization’s IT infrastructure. The attack surface is all of the entry...