12.12.2024
SBOM
Navigating Open-Source-Compliance in 2024: The Critical Role of Scanning Depth and SBOMs In the evolving landscape of cybersecurity and software compliance, the importance of open source compliance cannot be overstated. New regulatory requirements like the Cyber Resilience Act (CRA), the Network and Information Security Directive (NIS2), and the Digital Operational Resilience Act (DORA) have introduced stricter obligations for organizations, especially
Immersive open source compliance visualization
13.11.2024
SBOM
Imagine you could search through every single component of your software like a map – identify risks at a glance, track down hidden dependencies and effortlessly expose vulnerabilities. This is exactly what a software bill of materials (SBOM) makes possible! This article explains why this “list of ingredients” is indispensable for modern software projects today, especially as open source now
Digital Operational Resilience Act (DORA): Comprehensive checklist for companies
04.09.2024
SBOM
Ms. Wittman is a lawyer in Munich and a partner at Bitsea. To enhance digital operational resilience, the European Commission has introduced the Digital Operational Resilience Act (Regulation (EU) 2022/2554 – “DORA”) as part of its Digital Finance Package 2020. Currently, regulations on digital resilience are scattered across various sector-specific EU laws and guidelines (e.g., MiF II, CRD, PSD2, Guidelines
Bisquat2: What is hiding there?
23.07.2024
SBOM
Today, we are shedding light on a topic that is still all too readily overlooked as the “little sister of programming”. What hardly anyone cared about 20 years ago is to be placed under state control in the immediate future! As we now know, a major focus of Bitsea is checking for hidden risks in software. Many people typically first
The Cyber Resilience Act (CRA) and the Management of Open Source
09.07.2024
SBOM
Open source is everywhere: Hardly any product today can do without digital components, from electric toothbrushes and baby monitors to smartwatches. Less obvious to many users is the security risk that such products pose for the end users. The new European Cyber Resilience Act (CRA) aims to ensure that consumers receive secure products. The regulation was announced in the EU
Quickstart: NIS2-Directive
14.05.2024
SBOM
What is the NIS2 Directive? The NIS2 Directive, or the Directive on Security of Network and Information Systems, is a European Union (EU) directive that aims to enhance the overall cybersecurity and resilience of network and information systems across various critical sectors. NIS stands for Network and Information Systems. The directive was initially adopted in 2016 and became effective in
Quickstart: CRA (Cyber Resilience Act)
05.04.2024
SBOM
What is Cyber Resilience Act? The European Cyber Resilience Act (CRA) aims to set the boundary conditions for the development of secure products with digital elements by ensuring that hardware and software products are placed on the market with fewer vulnerabilities and that manufactures take security seriously throughout a product’s life cycle. It was introduced by the European Parliament in
Open Source Compliance? But more efficient, please!
22.09.2023
SBOM
Open Source Software (OSS) is everywhere and has become indispensable for modern software development. A typical software product today often contains more than 90% open source. The use of OSS has continued to skyrocket in recent years for a variety of reasons. Alarmed by spectacular cyberattacks on the software supply chain, the USA has issued regulations such as the “Executive
Level Up Your Security Game with VDR and VEX Reports
25.05.2023
SBOM
When we talk about security related to the software supply chain and third-party software management, it’s key that the tools you use provide detailed reports on the known and unknown vulnerabilities inside applications along with the level of exploitability of those vulnerable components. Absent that, all you have is a listing of SBOM parts without much to act on. Typically,
SBOMs: It’s All About Transparency into the Complexity of Your Software
15.11.2022
SBOM
In this article Kendra Morton, Product Marketing Team Leader at Revenera, discusses how the software industries relies on open source software. She observes that most applications are a mix of proprietary code a mix of third-party and open source software. Morton describes of the acceleration production process and the rise of software complexity. Morton identifies some challenges like the increase