InfoQ

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, ...
Dark Reading

We Have the Tech to Scale Up Open Source Vulnerability Fixes — Now It's Time to Leverage It

With enterprise software more dependent on open source components than ever before, a big element of modern application security is reliant on how well the open source community can shore up ...