Get started with a private NuGet server for .NET packages in 5 minutes
A how-to guide on using Bytesafe private NuGet feeds for secure hosting of your .NET dependencies
Feb 16, 2022

Host & Secure your Java dependencies in 5 minutes with a Private Maven repository
Published in System Weakness
Looking to elevate your security for Java, Kotlin and Scala dependencies? Get started with a hosted & private repository for Maven and Gradle
Jan 5, 2022

Want resilience against compromised packages? Add delay before trusting new versions
Popular packages are often targets for attacks. Perhaps a little friction is desirable for the sake of security?
Dec 16, 2021

How to Avoid the (npm) dependency trap
With the dust settling one week after the UA-parser-js incident, it’s the perfect opportunity to take some time and see what we can learn…
Nov 1, 2021

Why you should manage open source dependencies like treasured resources
And not simply take them for granted
Sep 6, 2021

How to prevent Dependency Confusion in your JavaScript supply chain
A secure by default solution — that automatically prevents your business from becoming a victim of Dependency Confusion attacks
May 21, 2021

Installing packages from private npm registry with GitHub Actions
If you are using GitHub Actions as the CI/CD service for your build chain, you may be looking for a way to install private npm packages in…
Feb 15, 2021

npm security issues to know of in 2021
What security issues were talked about in the npm ecosystem in 2020? Let’s review some key takeaways to carry with us into 2021.
Jan 25, 2021

Why you should use an npm proxy for your JavaScript
This short post talks about how using a private npm proxy helps improve control and security when using JavaScript packages in general and…
Apr 30, 2020