Blog

Security That Ships

Security, strategy, and developer-first thinking for teams pushing open-source forward.

Announcements
5 minutes

Hopper Launches Four AI-Powered AppSec Products for the Age of Modern Software

Traditional AppSec tools weren’t built for AI-powered development. Hopper’s new suite delivers visibility and control across open-source, embedded models, and AI-generated code.
Read more
Announcements
5 minutes

Hopper Launches Four AI-Powered AppSec Products for the Age of Modern Software

Traditional AppSec tools weren’t built for AI-powered development. Hopper’s new suite delivers visibility and control across open-source, embedded models, and AI-generated code.
Read more
Announcements
2 minutes

Hopper Maintains SOC 2 Type II and ISO 27001 Certifications

Hopper has achieved and actively maintains both SOC 2 Type II and ISO/IEC 27001 certifications, reinforcing our commitment to enterprise-grade security and compliance. These certifications validate our internal controls, secure development practices, and the safeguards we implement to protect customer data across the software supply chain.
Read more
Insights
7 minutes

Good Vibes, Bad Code? Vibe Coding and How to Secure It with Hopper

AI coding assistants are speeding up development by generating open-source code on the fly. But with that speed comes risk. Unpack how vibe coding expands your attack surface and how Hopper helps you secure what actually matters, down to the function level.
Read more
Product
4 minutes

The Hopper Bitbucket App: Secure Your Open-Source Dependencies with Function-Level Precision

Discover how Hopper’s Bitbucket Server integration helps you secure open-source dependencies with function-level reachability analysis. Eliminate false positives, automate license compliance, and generate SBOMs — all with agentless, read-only access.
Read more
Insights
13 minutes

Beyond Packages: Precision with Function-Level Reachability

Most SCA tools claim “reachability” but rely on imprecise methods that flood teams with false positives. Hopper delivers true function-level analysis to reveal real risks.
Read more
Insights
8 minutes

Eyes Wide Open: Building Hopper in a Crowded Market

Building a new security tool in a crowded space takes more than ambition. It takes humility, hard conversations, and the willingness to listen with eyes wide open. This is the journey that shaped Hopper from the very first day.
Read more
Insights
12 minutes

Fifty Shades of JAR: A Love Story Between Devs and CVEs

Shaded Java dependencies hide real vulnerabilities from most SCA tools. Hopper analyzed over 16M artifacts from Maven Central and discovered over 2.5 million hidden vulnerabilities. With function-level reachability, only a few actually mattered.
Read more
Insights
6 minutes

Why Hopper is What’s Next for SCA

Legacy Software Composition Analysis (SCA) solutions are falling short. They generate an overwhelming number of false positives, leaving security and engineering teams scrambling to prioritize a never-ending stream of vulnerabilities.
Read more
Announcements
4 minutes

Out of Stealth, Into the Future of Open-Source Security

Open-source now powers a $9T ecosystem. It’s the backbone of the tools, systems, and platforms that shape our digital lives. But with that power comes risk. And with that risk, a growing sense of fatigue.
Read more