
How to Write Time-Based Security Policies in SafeDep vet
Protect against unknown malicious open source packages by enforcing a supply chain cooling-off period using the now() CEL function in SafeDep vet.

Explore the architecture of the Model Context Protocol (MCP) and the state of its official registry. Learn how to consume server packages programmatically and discover the underlying challenges of...

Software Composition Analysis has been around for a while, but the problems associated with open source vulnerabilities persist. Next-gen SCA is the promised solution. What is it and how does it work?

Learn how to integrate SafeDep MCP with GitHub Agentic Workflows to automatically evaluate the security posture of OSS dependencies in your pull requests using AI.

Exploring the idea of building a complementary system that can verify and correlate static analysis findings. That's where dynamic analysis comes in, i.e. the ability to "run" an open source package in...

A Software Bill of Materials (SBOM) provides an inventory of all software components. However, it is useful only when a flexible query interface is built on top.
