Tag: Software Supply Chain
-
Revolutionizing Software Supply Chain Security: A Holistic Approach
New tools and strategies to close critical security gaps in software supply chains. Despite significant investments, software supply chains …
-
CISA Urges Improvements in US Software Supply Chain Transparency
The US Cybersecurity and Infrastructure Security Agency (CISA) has published the third edition of Framing Software Component Transparency, …
-
GitHub Actions Vulnerable to Typosquatting, Exposing Developers to Hidden Malicious Code
Threat actors have long leveraged typosquatting as a means to trick unsuspecting users into visiting malicious websites or downloading …
-
North Korean Hackers Update BeaverTail Malware to Target MacOS Users
Cybersecurity researchers have discovered an updated variant of a known stealer malware that attackers affiliated with the Democratic …
-
Five Core Tenets Of Highly Effective DevSecOps Practices
One of the enduring challenges of building modern applications is to make them more secure without disrupting high-velocity DevOps …
-
Red Hat updates Trusted Software Supply Chain to enhance early security integration
Red Hat Inc. today announced updates to its Trusted Software Supply Chain that enable organizations to shift security “left” in the …
-
Three Ways To Supercharge Your Software Supply Chain Security
Section four of the “Executive Order on Improving the Nation’s Cybersecurity” introduced a lot of people in tech to the concept of a …
-
CISA Urges Manufacturers Eliminate Default Passwords to Thwart Cyber Threats
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is urging manufacturers to get rid of default passwords on …
-
Software Supply Chain Strategies to Parry Dependency Confusion Attacks
“What’s in a name? That which we call a rose By any other name would smell as …
-
All about OSC&R, a Software Supply Chain Security Framework
With software supply chain attacks posing such a significant threat to organizations, having a comprehensive understanding of these attacks …
-
Kubernetes and the Software Supply Chain
The ability of organizations to gain value from Kubernetes — and, more broadly, cloud-native technology — is being hampered by concerns …
-
A CISO’s Guide to Paying Down Software Supply Chain Security Debt
There has always been a tradeoff in IT between shipping new features and functionality versus paying down technical debt, which includes …