Open Source Vulnerability Management

How to Defend Against Software Supply Chain Attacks

Software supply chain attacks are an increasingly common and dangerous type of cyberattack. Here's how to defend against them.

Container Image Security and Vulnerability Scanning

Get an overview of today's container image security landscape, including common attack vectors and the importance of vulnerability scanning.

Open Source Vulnerability Management

All About CWE-79: Cross-Site Scripting

CWE-79: Cross Site Scripting (XSS) is one of today's most commonly found vulnerabilities. Here's a look at different types of XSS attacks and how to stop them.

Open Source Vulnerability Management

Application Security for Developers: SCA, DAST, and GitHub Actions

See how tools like SCA and DAST can fuel developer-centric application security, and get step-by-step guidance for using them in GitHub Actions.

Open Source in the News

4 Takeaways from the 2021 State of Open Source Vulnerabilities Report

Dive into the latest data on today's open source security landscape, and see which libraries and languages are most vulnerable to attacks.

Open Source Vulnerability Management

Introducing Open Source Security Management at Enterprise Scale

Today, we are excited to announce the launch of FOSSA Security Management, empowering enterprises to proactively and continuously prevent vulnerabilities from shipping to production and mitigating risk throughout the entire software development lifecycle.