Lack of automation leaves companies vulnerable to attacks like Log4Shell and Spring4Shell

Sonatype found that nearly 70% of dependency management decisions are suboptimal in a study that evaluated 100,000 production applications and 4,000,000 open-source component migrations. 

A large part of this is due to lack of security automation, explained Ax Sharma, senior…

Source: sdtimes.com – Read more