OWASP adopts DockSec: Why it matters
OWASP has adopted the container security tool to slow information overload. Here’s what you need to know.
John P. Mello Jr.
Freelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.
Posts from John P. Mello Jr.
OWASP adopts DockSec: Why it matters
AI-native AppSec: What it is — and why it matters
AI coding is a game-changer — and requires AI-powered application security to fight fire with fire.
BSIMM16 confirms: AI redefines AppSec
AI coding is the new reality — and it will further destabilize software supply chain security. So step up your AppSec.
Lab offers 9 ways to improve MCP security
The Vulnerable MCP Servers Lab delivers integration training, demos, and instruction on attack methods.
How AI coding is breathing new life into Rust
AI tools are making Rust a favorite language of developers — even those maintaining codebases like Microsoft’s.
SSDF 1.2 sees AppSec as a journey
NIST has broadened the Secure Software Development Framework to include the full SDLC. Here’s why it matters.
Mandatory SBOMs: Why CRA matters
The EU’s Cyber Resilience Act legally obliges software producers to create and maintain an SBOM. Are you prepared?
Why governance is key to safe AI adoption
A new CSA report stresses getting out in front of AI risk — and why it matters for SecOps.
Adversarial AI is on the rise: What you need to know
Researchers explain that as threat actors move to AI-enabled malware in active operations, existing defenses will fail.