SBOMs alone are not enough for software supply chain security because they don’t help users respond to the tampering of software artifacts. Consider these noteworthy examples:
Read full article on The New Stack
Enhance Your SBOM Success with SLSA
- McAfee Dominates AV-Comparatives PC Performance Test
- Preparation: The Less Shiny Side of Incident Response – Joe Gross – ESW #360
- Critical GitLab account takeover flaw added to CISA’s KEV Catalog
- Microsoft, Google do a victory lap around passkeys
- Understanding Scattered Spider, and how they perform cloud-centric identity attacks