RKVST SBOM Hub and Device Authority KeyScaler SBOM.
This video demonstrates how Device Authority privately distribute their SBOM in RKVST while advertising its location on SBOM Hub.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
DevSecOps
DevSecOps: How to bring data security into the development workflow
DevSecOps refers to the integration of security controls across the whole software development lifecycle. It is first and foremost an organizational culture, enabled by processes and tools, where development teams share the responsibility for delivering secure software with the security team. This differs from organizations where development and security responsibilities are completely siloed in distinct teams.
DevSecOps Is Mainstream: New Research Finds 20x Increase in Software Security Scanning Over the Past Decade
Veracode State of Software Security report reveals the average cadence for organizations scanning apps has grown 20x since 2010. The number of apps scanned for security flaws per quarter has more than tripled over the past decade. Businesses with hands-on security training for developers fix software flaws 35% faster.
DevSecOps plan process
In the DevOps and DevSecOps Introduction, What is DevOps, we reviewed how our security teams overlay onto DevOps for visibility and increased security throughout the software lifecycle. This article explores DevSecOps during the planning phase of the project and why it’s important for developers to be trained on how to help protect the software they are writing from Free Open-Source Software “FOSS” risks and supply chain attacks.
Talent Shortage 2022: Stretching Your Lean DevSecOps Team
The cybersecurity talent shortage is real. As of December 2021, a job-tracking database from the U.S. Commerce Department showed nearly 600,000 unfilled cybersecurity positions. And a 2021 study found that 57% of cybersecurity professionals worked at organizations that have been directly impacted by the cybersecurity talent shortage. Even so, many organizations want to “shift security left” or build security best practices earlier into the software development lifecycle (SDLC).
AppSec Leader Veracode Thrives in Record-Breaking Year for Cybersecurity
2021 delivers strong growth and business momentum, with 13 percent revenue increase YoY.
SBOM production and secure distribution - Jitsuin and Meterian integration makes it easy.
Jitsuin met Meterian in the NCSC Cyber Runway Accelerator launched in November 2021. What we quickly realized is that automated generation and permissioned sharing of SBOMs would save valuable time in vulnerability discovery and mitigation. So we moved fast to fix things! The integration between Meterian’s Boost Open-Source Software Scanner (BOSS) and Jitsuin’s RKVST SBOM Hub enables software publishers to automatically generate, store and distribute SBOMs in public or private.
Meterian generated SBOMs distributed in RKVST SBOM Hub
Meterian has integrated SBOM distribution to the RKVST SBOM Hub within the BOSS Scanner, making it easy for developers to put SBOMs to work in their own organisations and for their customers.
Public Discovery, Permissioned Distribution of SBOMs
Some SBOMs can be shared widely. Many SBOMs will need to be shared in private. RKVST SBOM Hub makes it easy to find and fetch both public and private SBOMs. Private SBOMs can be advertised with a refBOM - but only those with the right permissions can see the full SBOM.
15 Ways to Make SBOM Distribution Easy
The whole point of an SBOM is lost if you keep it a secret. Here we reveal our secrets of the ideal SBOM exchange. Let us know if we’ve missed anything in RKVST SBOM Hub. SBOMs are made for sharing and are the gifts that keep on giving, but only if they get to the right place at the right time to drive the right critical decision. The first critical decision, or moment of truth, is whether to buy a vendor’s product.