Snyk helps you find and fix vulnerabilities in your code, open-source dependencies, containers, infrastructure-as-code, software pipelines, IDEs, and more! Move fast, stay secure.
Researchers recently found another software supply chain issue in BoltDB, a popular database tool in the Go programming environment. The BoltDB Go module was found to be backdoored and contained hidden malicious code. This version took advantage of how Go manages and caches its modules, allowing it to go unnoticed for several years. The backdoor allows hackers to remotely control infected computers through a command and control server that sends them commands.
In this video we will be comparing the code that is generated by ChatGPT to the code that is generated by DeepSeek to find out which AI is the smartest!
Together, Snyk and Google Cloud enable modern security practices that unify cloud and application security efforts. This collaboration simplifies risk management for CISOs, providing a cohesive strategy to protect cloud-native environments and the applications running within them. Security leaders often struggle with fragmented tools that create silos between cloud security and application security teams.
The software bill of materials (SBOM) is quickly becoming an essential aspect of open source security and compliance. In this post, we'll delve into what SBOMs are, why they're necessary, and their role in open source security.