#sbom

from DevOps.com
1 week ago

Survey Surfaces Raft of AI Coding Issues Involving Embedded Systems - DevOps.com

AI coding assistants are widely used in embedded-system development, but governance, security, and open-source license risk confidence remain lacking.
from Securitymagazine
1 week ago

Report Reveals Gap Between AI Use and AI Security In Embedded Software

The State of Embedded Software Quality and Safety 2025 from Black Duck reveals a disconnect between the organizational use of AI and AI security. The embedded software landscape is transforming, largely driven by AI, with 89.3% of organizations already utilizing AI coding assistants and 96.1% integrating products with open source AI models. However, 21.1% of organizations still lack confidence in their capabilities to prevent AI from opening the door to vulnerabilities.
Software development
from DevOps.com
1 week ago

The EU's Cyber Resilience Act: Redefining Secure Software Development - DevOps.com

The CRA fundamentally redefines how software will be built and maintained, pushing organizations to adopt more structured, transparent, and security-centered development strategies. And if you're like most commercial software developers who incorporate open source components, you'll need to account for your dependencies. Your team will need time to adapt development and security workflows to meet these new expectations. The timeline for CRA compliance is already in motion: December 2024 - The CRA came into force. This marked the start of the transition period for all affected stakeholders.
Information security
#software-supply-chain
from Securitymagazine
1 week ago
Information security

CISA Issues Software Bill of Materials Draft, Encourages Public Comments

Updated minimum elements for SBOMs guide standardized, machine-readable SBOM generation and sharing to improve software supply chain transparency and risk-informed cybersecurity decisions.
from Techzine Global
3 months ago
Software development

Dropping the SBOM, why software supply chains are too flaky

The importance of managing software supply chain security is rising due to increased vulnerabilities and the prevalence of open-source software.
from DevOps.com
1 month ago

SBOMs Are Not Enough - DevOps.com

SBOM is essential for effective software composition analysis to manage vulnerabilities in third-party components.
Information security
from DevOps.com
3 months ago

Survey Surfaces Uneven Adoption of SBOMs to Secure Software - DevOps.com

Many organizations are struggling to meet SBOM requirements and integrate necessary tools.
A significant majority believe AI can improve security visibility but also raise new risks.