Endor emerges from stealth with $25M to secure software supply chains

An increasing percentage of the code that companies use to develop software is open source. In a 2018 survey by Tidelift, a software supply chain management platform, 92% of professional software developers said that their apps contained open source libraries. While that’s a positive trend  — open source confers a wealth of benefits, not least of which transparency — it can have its drawbacks, like low visibility into whether the code might contain vulnerabilities.
A number of vendors are tackling the issue of open source security, offering tools that scan the metadata and de

リンク元