Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

keeper

Secure Software Supply Chain by Signing Git Commits With Keeper

Oct 18, 2023 By Timothy Jester In Keeper

The modern threat landscape is constantly changing and the software supply chain has become a common target for cybercriminals. Cyberthreats have become a headache for overworked developers and DevOps teams as they face tight deadlines, limited staffing resources and the added burden of ensuring that their code does only what it is intended to do and is free of bugs and malware.

Read Post
SecurityScorecard

Navigating the Unknown: Zero-Days in the Supply Chain

Oct 17, 2023 By SecurityScorecard In SecurityScorecard

Zero-days are out there. Lurking just under the surface, waiting for the right moment to strike. A security team can do everything right and still experience a zero-day attack in its supply chain. And with innumerable configurations, devices, and platforms that can be exploited, zero-day exploits are becoming more common than ever.

Read Post
archTIS

DISP: Securing the Australian Defence Supply Chain

Oct 11, 2023 By Irena Mroz In archTIS
The Defence supply chain is a network of interrelated companies, services, and products that transform raw materials and information into goods and expertise for military materiel applications. Given the scale, breadth, and complexity of bringing so many different stakeholders and activities together, the risks that a supply chain presents can be challenging to define and manage.
Read Post
Snyk

Cybersecurity Venture's 2023 Software Supply Chain Attack Report

Oct 10, 2023 By Sydney Milligan In Snyk

Most enterprises' critical infrastructure and operational pipelines rely on an intricate web of software, online services, and cloud applications. This level of complexity makes supply chain risk management one of (if not the) biggest challenges for CISOs today. Today, malicious actors choose to exploit software supply chain vulnerabilities rather than just target end users. These SSC attacks have caused some of the most notable cybersecurity incidents and data breaches in recent years.

Read Post
bulletproof

Tech Talk: Supply Chain Hardware Hacking

Oct 2, 2023 By Chay Donohoe In Bulletproof

This is a Bulletproof Tech Talk article: original research from our penetration testing team covering issues, news, and tech that interests them. It’s more technical and in-depth that our usual blog content, but no less interesting. Some readers may remember an article published by Bloomberg entitled "The Big Hack: How China used a Tiny Chip to Infiltrate U.S. Companies".

Read Post
gitguardian

Protecting Your Software Supply Chain: Understanding Typosquatting and Dependency Confusion Attacks

Sep 29, 2023 By Guest Expert In GitGuardian

Typosquatting and dependency confusion are two common tactics used by hackers to exploit open-source package repositories. Understand how these attacks work and discover preventive measures to secure your infrastructure.

Read Post

Holistic AppSec and Software Supply Chain Security

Sep 26, 2023 By Mend In Mend
AppSec and software supply chain security require more than a loose collection of tools and a vulnerability remediation process. A holistic approach covers risk assessment, a secure software development life cycle, software composition analysis (SCA), SBOMs, static and dynamic application security testing (SAST/DAST), workflow automation, automated remediation, runtime protections, compliance reporting and more. Successful implementation of this holistic approach enables companies to shrink their overall attack surface and reduce technical and security debt.
View Video
Subscribe to Supply Chain

Copyright © 2024 OpsMatters™. All rights reserved.