Endor Labs has collaborated with Aikido Security, Arnica, Amplify, Kodem, Legit, Mobb, and Orca Security to introduce Opengrep, an initiative designed to maintain open access to static code analysis ...

Open source software is ubiquitous. It has become an unequaled driver of technological innovation because organizations that use it don't have to reinvent the wheel for common software components.

Static source code analysis tools can be an invaluable tool for software developers. Technology Editor Bill Wong talks with some of the major vendors in this space. Finding problems in applications is ...

Sonar, the leading provider of integrated code quality and code security solutions, is unveiling SonarQube Advanced Security, a significant advancement in code security which will soon be available.

AI assistants are a double-edged sword for developers. On one hand, code-generation assistants have made creating barebones applications easier and led to a surge in code pushed to GitHub. Yet just as ...

Persistent open source security concerns Why developers need to improve at keeping open source components up-to-date The need for a Software Bill of Materials (SBOM) for software supply chain ...

Coverity Inc. says the new release of its Prevent static code-analysis software embodies a new approach to “software mapping” that finds more bugs in embedded and enterprise software than previous ...

Software teams today are shipping code faster than ever. But security and quality are clearly struggling to keep pace. In fact, 74% of companies admit that insecure code led to at least one security ...

Anthropic's Claude Opus 4.6 surfaced 500+ high-severity vulnerabilities that survived decades of expert review. Fifteen days ...

Beyond uniting developers under shared ideologies, goals and pain points, Open Source Summit North America ignited conversations at the intersection of code, community and change. Against the backdrop ...