SBOMs stories

Manifest's Marc Frankel highlights the need for specialised supply chain security to address risks posed by AI technologies in business operations.

AI integration in embedded software rises, with 89.3% using AI coding tools, yet 21.1% doubt their security against AI-specific risks, says Black Duck report.

BlueVoyant has launched a Software Bill of Materials tool to help firms manage third-party software risks and improve supply chain cyber defence.

Lineaje's survey reveals software supply chain security gaps, with 48% of experts missing SBOM compliance amid rising AI-related risks and vulnerabilities.

Red Hat launches Advanced Developer Suite on OpenShift, enhancing developer productivity, AI integration, and application security with new tools and templates.

The Cloud Native Computing Foundation has awarded its highest maturity status to in-toto, a security framework ensuring integrity in software development workflows.

Matt Aldridge from OpenText Cybersecurity warns that enterprises must bolster their AI security measures in 2025 to combat evolving cyber threats.

Cloudsmith has announced its compliance with the Open Container Initiative v1.1 standard, enhancing container image management and software supply chain relationships.

Memory safety vulnerabilities are surging in industrial control systems, with over 3,000 reported in 2022, prompting urgent calls for enhanced security measures.

Sonatype's latest report reveals open source software now comprises 90% of modern development, with a staggering 156% rise in malicious packages.

CAST has unveiled its CAST SBOM Manager, an automated tool designed to streamline Software Bill of Materials management for software providers facing new compliance mandates.

Sonatype’s SBOM Manager and Nexus Repository are now available on AWS Marketplace, offering AWS users enhanced software supply chain security and management.

Endor Labs reveals major security flaws in CocoaPods, threatening apps like Instagram and Uber. Critical CVEs could impact Swift and Objective-C supply chains.

Sonatype releases its SBOM Manager, a crucial tool to help organisations track and manage software components.

A Checkmarx study shows 63% of organisations faced software supply chain attacks in the past two years, with open-source software posing major risks.

DigiCert's new Device Trust Manager aims to secure IoT devices throughout their lifecycle, addressing complex compliance needs and ensuring operational continuity amidst rising threats.

Cybersecurity firms, Legit Security and GuidePoint Security, form strategic partnership to enhance businesses' application security positions, helping them navigate challenges while bolstering productivity.

Security in the software supply chain stands on shaky ground, as reliance on prebuilt and open-source code leads to rampant vulnerabilities and 91% of firms report incidents within the last year.

CAST Highlight has been ranked top for user satisfaction in G2's SBOM management category, affirming its efficacy as a streamlined, cloud-based Software Bill of Materials (SBOM) solution.

Sonatype debuts its innovative SBOM Manager at KubeCon Europe, offering companies improved compliance and cybersecurity in software supply chains.