John Ellis is the President and Head of Product for Codethink, a world-class provider of critical, high-performance software projects. Open-source software is publicly available software developed and distributed with its source code, allowing anyone to ...

More open-source developers are finding that, when used properly, AI can actually help current and long-neglected programs. However, legal and quality issues loom.

Just like you probably don't grow and grind wheat to make flour for your bread, most software developers don't write every line of code in a new project from scratch. Doing so would be extremely slow and could create more security issues than it solves.

The full breadth of this incident is still unclear, but given the popularity of the compromised package, we expect it will have far reaching impacts,” a chief Google analyst said.

SARATOGA, Calif.--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company, today launched end-to-end capabilities that will fundamentally transform how organizations protect their critical software. The release includes Lineaje ...

For years, software security focused on the final product: the code that ships. Today, attackers are increasingly targeting the systems that build the software itself.

Supply chain attacks are increasing in volume, but open source vulnerabilities continue relatively unnoticed.