Sign up now
Schedule
Want to stay in the loop?
Sign up for our newsletter.
GitHub Actions are open source dependencies - secure them accordingly! Learn how to effectively manage the security risks associated with GitHub Actions with a proactive approach focusing on three key areas: visibility, hardening, and dependency management.
Click to read
Solution from category-defining entrepreneurs and world-renowned experts helps developers spend less time dealing with security issues, more time accelerating their development through safe code reuse.
Click to read
At Endor Labs, we continue evaluating the use of large language models (LLMs) for all kinds of use-cases related to application security. And we continue to be amazed about high-quality responses … until we’re amused about the next laughably wrong answer.
Click to read
What’s the best of the best when it comes to open source security tools?We’ve previously talked about the OpenSSF Scorecard, which gives developers a high-level snapshot of the security of any given open source project. But in this post, we’ll talk about a related project, the Open Source Security Index (OSSI), which does something slightly different and complementary.
Click to read
Experiments with GPT-3.5 suggest that LLM-based malware reviews can complement, but not yet substitute human reviews. 1800 binary classifications performed with GPT-3.5 included false-positives and false-negatives.
Click to read
Explore the different types of open source licenses and how they impact the use, modification, and distribution of open source software. From GPL to Apache, MIT and more, learn the key differences between permissive and restrictive licenses and how to choose the right one for your project.
Click to read
Developers are bombarded with information every day. Constant context switching and information overload are among the biggest barriers to productivity. There are simply too many demands for their attention. One day the sales team will understand. Right?
Click to read
Explore the challenges of modern vulnerability management and the efficiency of the Vulnerability Exploitability eXchange (VEX) in our latest blog post. Learn how VEX helps identify and communicate the true exploitability of vulnerabilities, streamlining cybersecurity efforts in the face of overwhelming scanner findings.
Click to read
Join us at the Supply Chain Cyber Security Summit April 18-19th in Madrid to learn more about:
Want to attend the panel we are on?
Join us on April 19th at 2:30 PM as Henrik Plate speaks on Boosting Software Supply Chain Maturity to the Next Level with the SBOM Panel with key talking points:
RSVP today!
Sign up for our newsletter.