ZDNet

Microsoft: Application Inspector is now open source, so use it to test code security

Microsoft has released the Microsoft Application Inspector, a cross-platform open-source command-line tool that its engineers use to quickly probe third-party open-source software components for ...
CSOonline

The state of application security: What the statistics tell us

Companies are moving toward a DevSecOps approach to application development, but problems remain with security testing ownership and open-source code vulnerabilities. Credit: kristina flour; modified ...
InfoWorld

How to upstream code to open source projects

Upstreaming can improve your code, simplify development, and lighten your maintenance burden. Follow these best practices when donating code and reap the benefits. Code commonly flows downstream, from ...