- A lightweight methodology for continuous software process compliance
- Beyond SBOMs – Essential Tools for Software Supply Chain Security
- Beyond Vibe Coding: AppSec Strategies for Secure & Auditable AI Systems
- Breaking the illusion of coverage in AppSec Testing
- Continuous compliance through automated audits
- CVD, CRA and EUVD from the perspective of a national CSIRT
- CycloneDX 2.0 Preview: Evolving BOM Architecture for Broader Applicability
- Designing User Security Controls in SaaS Shared Security Model
- Enhancing artifact security with GitHub Artifact Attestations
- From Regulation to Realization: A Practical Path for Aligning Products with CRA and RED DA
- Games as tools for securing your apps
- How Erlang/OTP and the EEF Contribute to the Ecosystem
- How to be a top notch CNA doing Open Source in spite of AI
- How to talk to your lawyer about open source software and security
- Integrating SBOM in Socio-Technical Threat and Risk Modeling of the Software Supply Chain.
- ISMS for Strengthening Resilience and Compliance – Practical Cybersecurity Support for Small and Medium-Sized Enterprises
- Meeting EU CRA Obligations: A Practical Guide to Cybersecurity Risk Assessment
- Navigating product security compliance with OWASP SAMM
- OWASP SAMM at Scale: Enabling Cyber Resilience Across Diverse Teams
- PKI Maturity as a Path to Cyber Resilience: Preparing for the EU CRA
- PURL: The naming of packages is a difficult matter
- Scaling VEX Generation in Apache Solr
- Secure by design, resilient by behaviour
- Supply chain security – pave for security best practices
- The AI Revolution in Software Development – Are you balancing speed and security?
- The CI/CD Damn Vulnerable Project: Learning Pipeline Security Through Magic
- The ingredients for CRA compliance for SME with the open source OCCTET project
- You got a SBOM! But is it the right one?