Blog
Security That Ships
Security, strategy, and developer-first thinking for teams pushing open-source forward.
Announcements
4 minutes
Out of Stealth, Into the Future of Open-Source Security
Open-source now powers a $9T ecosystem. It’s the backbone of the tools, systems, and platforms that shape our digital lives. But with that power comes risk. And with that risk, a growing sense of fatigue.
Announcements
2 minutes
Hopper Maintains SOC 2 Type II and ISO 27001 Certifications
Hopper has achieved and actively maintains both SOC 2 Type II and ISO/IEC 27001 certifications, reinforcing our commitment to enterprise-grade security and compliance. These certifications validate our internal controls, secure development practices, and the safeguards we implement to protect customer data across the software supply chain.
Insights
7 minutes
Good Vibes, Bad Code? Vibe Coding and How to Secure It with Hopper
AI coding assistants are speeding up development by generating open-source code on the fly. But with that speed comes risk. Unpack how vibe coding expands your attack surface and how Hopper helps you secure what actually matters, down to the function level.
Product
4 minutes
The Hopper Bitbucket App: Secure Your Open-Source Dependencies with Function-Level Precision
Discover how Hopper’s Bitbucket Server integration helps you secure open-source dependencies with function-level reachability analysis. Eliminate false positives, automate license compliance, and generate SBOMs — all with agentless, read-only access.
Insights
13 minutes
Beyond Packages: Precision with Function-Level Reachability
Most SCA tools claim “reachability” but rely on imprecise methods that flood teams with false positives. Hopper delivers true function-level analysis to reveal real risks.
Insights
8 minutes
Eyes Wide Open: Building Hopper in a Crowded Market
Building a new security tool in a crowded space takes more than ambition. It takes humility, hard conversations, and the willingness to listen with eyes wide open. This is the journey that shaped Hopper from the very first day.
Insights
12 minutes
Fifty Shades of JAR: A Love Story Between Devs and CVEs
Shaded Java dependencies hide real vulnerabilities from most SCA tools. Hopper analyzed over 16M artifacts from Maven Central and discovered over 2.5 million hidden vulnerabilities. With function-level reachability, only a few actually mattered.
Insights
6 minutes
Why Hopper is What’s Next for SCA
Legacy Software Composition Analysis (SCA) solutions are falling short. They generate an overwhelming number of false positives, leaving security and engineering teams scrambling to prioritize a never-ending stream of vulnerabilities.