Shining a Light on Shadow AI: What It Is and How to Find It
Find out more about shadow AI and the risks of leaving it uncovered ... Read More
Black Hat 2024: AI, AI, and Everything Else
Chris Lindsey shares his takeaways from another exciting Black Hat conference ... Read More
Dude, Where’s My Documentation?
When the zero day hits the fan, can you find the information you need? ... Read More
Next-Gen Vulnerability Assessment: AWS Bedrock Claude in CVE Data Classification
Learn more about how organizations can use open source software to innovate while minimizing risk ... Read More
A Guide to Open Source Software
Learn more about how organizations can use open source software to innovate while minimizing risk ... Read More
Dependency Management: Protecting Your Code
Learn how to protect your application’s code with dependency management, and why automation is critical for effective dependency updates ... Read More
More than 100K sites impacted by Polyfill supply chain attack
The new Chinese owner tampers with the code of cdn.polyfill.io to inject malware targeting mobile devices ... Read More
Dependency Management vs Dependency Updates: What’s the Difference?
Keeping dependencies up to date is a big part of dependency management, but it's not everything. Learn more about the differences between the two ... Read More
Hallucinated Packages, Malicious AI Models, and Insecure AI-Generated Code
Worried about attackers using AI models to write malicious code? Here are three other ways AI model use can lead to attacks ... Read More
Quick Guide to Popular AI Licenses
Not all "open" AI licenses are truly open source. Learn more about the most popular licenses on Hugging Face ... Read More
