Ortelius Blog

Topics include Supply Chain Security, Vulnerability Management, Neat Tricks, and Contributor insights.

Posts in 2025
  • Hacktoberfest 2025

    Thursday, September 11, 2025 in Ortelius News

    Digital Ocean celebrates open source by hosting Hacktoberfest each October. During this month, you can earn a digital badge by contributing changes to the Ortelius project. Everyone is invited to participate regardless of your expertise level or …

    Read more

  • Ortelius MCP Server Accelerates Developers’ CVE Mitigation

    Wednesday, September 03, 2025 in Ortelius Committer Insights

    Ortelius MCP Automated Dependency Bot – Technical Overview At the Ortelius Open Source Project, we’re always working behind the scenes to make our platform more powerful, secure, and reliable. A big part of that is managing the …

    Read more

  • Job Seeker's Tookit

    Saturday, May 10, 2025 in Ortelius News

    Helping Committers Advance Their Careers In January 2025, the Ortelius Outreach Committee launched a bold initiative to empower contributors—helping them grow their personal brand, boost their earning potential, and land top-tier job opportunities. …

    Read more

  • Enhance Jenkins with Post-Deployment CVE Exposure

    Thursday, May 08, 2025 in Ortelius Committer Insights

    Ortelius for Post-Deployment Security to Jenkins As software supply chains grow more complex and vulnerabilities emerge faster than ever, Jenkins users face a critical challenge: “How do you keep your deployed applications secure after the …

    Read more

  • SecureChainCon 2025

    Thursday, April 03, 2025 in Ortelius News

    SecureChainCon Now On-Demand Keynote: John Willis AI-Powered Code Parsing and Semantic Analysis for DevOps Pipelines As software development ecosystems grow increasingly complex, the need for intelligent DevOps automation in script analysis and …

    Read more

  • Gold Legend Recipients in 2024

    Thursday, January 16, 2025 in Ortelius News

    What is a Gold Legend Award? Our community members work hard to solve the problem of managing code-level vulnerabilities in modern application architecture. The Ortelius community recognizes our members who have contributed via technical efforts or …

    Read more

Posts in 2024
  • The Ortelius OpenSSF Dashboard

    Saturday, December 21, 2024 in Ortelius Committer Insights

    Introduction The OpenSSF Scorecard is an essential security metrics tool incubating at the Linux Foundation’s OpenSSF. OpenSSF Scorecard is designed to expose an open-source project or package adherence to security best practices. It assigns …

    Read more

  • How do you Track and Report Security Compliance?

    Tuesday, December 17, 2024 in Ortelius Committer Insights

    Introduction Ensuring a robust IT security compliance strategy is more critical than ever. For organizations, the ability to track and report security compliance effectively is not just a regulatory necessity but also a vital component of …

    Read more

  • How Ortelius Integrates with OSV.dev for Real-Time Vulnerability Detection

    Tuesday, October 29, 2024 in Ortelius Committer Insights

    Introduction The importance of Software Bill of Materials (SBOMs) in modern software development cannot be ignored. High-profile security incidents, like the SolarWinds attack or Log4J, underscore the critical need for greater transparency within …

    Read more

  • How Ortelius Integrates and Consumes SPDX and CycloneDX SBOMs for Enhanced Software Visibility

    Monday, October 28, 2024 in Ortelius Committer Insights

    Introduction Software Bill of Materials (SBOMs) in modern software development is critical for managing software security, compliance, and supply chain integrity. Security breaches like the SolarWinds attack have underlined the need for transparency …

    Read more