Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

SBOM

rezilion

Rezilion's Dynamic SBOM: Now Supporting Windows

Nov 9, 2022 By Rezilion In Rezilion

Today we’re excited to share that we’re expanding our Dynamic Software Bill of Materials (Dynamic SBOM) service to support Windows environments. In May of 2021, President Biden issued an Executive Order on Improving the Nation’s Cybersecurity. The objective of the order is to enhance the US government’s defenses in the wake of several high-profile breaches, including those that impacted SolarWinds and Kaseya.

Read Post
datatrails

Supply chain integrity, transparency and trust is now firmly on the agenda

Nov 8, 2022 By Liz Harris In DataTrails

Supply chain risk continues to make headlines, from Solarwinds and Kaseya to last week’s announcement of a patch for the OpenSSL vulnerability, and the latest cybersecurity review from the U.K.’s National Cyber Security Centre highlights the serious threats posed by supply chain attacks.

Read Post
rezilion

What You Need to Know About SBOM Generation Tools

Nov 3, 2022 By Rezilion In Rezilion

When it comes to tools for generating a software bill of materials (SBOM), organizations basically have three options: use a software composition analysis (SCA) product, deploy an open source command-line interface (CLI) tool, or embrace new technology to find an altogether new solution. Whichever option an organization chooses can have a significant impact for its software security.

Read Post
datatrails

SBOMs are the answer! Now what was the question?

Nov 1, 2022 By Rob Brown In DataTrails

Last year the Log4J vulnerability perfectly illustrated how properly shared SBOMs would have helped users find and mitigate the “vulnerability of the decade”. And over the last few days we’ve been worried that we’re in the same place with OpenSSL 3.x. Why will this keep on happening? A lot has happened since The White House issued Executive Order 14028.

Read Post
Snyk

How to create SBOMs in Java with Maven and Gradle

Oct 31, 2022 By Brian Vermeer In Snyk

When building applications in Java, we highly depend on external libraries and frameworks. And each Java package that is imported likely also depends on more libraries. This means that the amount of Java packages included in your application is often not really transparent. As a developer, these nested (transitive) dependencies create the problem that you probably do not know all the libraries you are actually using.

Read Post

Bridging the trust gap in connected supply chains

Oct 27, 2022 By DataTrails In DataTrails
In these ultra connected times we increasingly need to share data between organizations. But how can you trust data that’s been generated outside your boundary walls? By another organization or a machine? That’s the trust gap, and that’s where RKVST comes in. Instead of bridging that gap with manual processes, verifying and auditing every document, RKVST takes that same risk management approach but automates it so you can trust the data, documents supply chain information at scale.
View Video

How zero trust helps reduce risk in connected supply chains

Oct 27, 2022 By DataTrails In DataTrails
What is zero trust and how does a zero trust approach helps reduce risk in connected supply chain decision making? Find out how RKVST helps automate the tracking and sharing of supply chain evidence you can rely on, by integrating with the tools businesses already use today. Jon Geater and Rob Brown from RKVST discuss zero trust at InfoSecurity Europe, London, June 2022.
View Video
Subscribe to SBOM

Copyright © 2024 OpsMatters™. All rights reserved.