Blog

Follow for the latest updates and insights on
open source security & engineering.

Malware Announcements Engineering Security Open Source AI SCA Compliance & SBOM Technology CI/CD

SBOM Completeness with Direct & Transitive Dependencies

Hidden transitive dependencies create security blind spots. This blog shows developers and CISOs how SafeDep vet uncovers full Maven dependency graphs, generating CycloneDX SBOMs and compliance-ready...

Introducing SafeDep Model Context Protocol (MCP) Server to Secure AI Generated Code

Introducing SafeDep Model Context Protocol (MCP) Server, a new feature in SafeDep vet to secure AI generated code and protect against slopsquatting attacks, vulnerable and malicious packages.

Compliance & SBOM

SBOM and the EU Cyber Resilience Act (CRA) – What Software Vendors Need to Know

The EU Cyber Resilience Act makes SBOMs mandatory for software products sold in Europe starting December 2027, with fines up to €15 million for non-compliance. Here's what software vendors need to...

Compliance & SBOM

License Compliance with SBOM

Although open-source speeds up development, there are risks associated with licensing. This blog examines the ways in which Software Bills of Materials, or SBOMs, facilitate audits, enforce license...

Previous Next

Ship Code

Not Malware

Install the SafeDep GitHub App to keep malicious packages out of your repos.

Install GitHub App