Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

securitysenses

Regulatory Compliance in Aviation Procurement: Navigating the Complex Landscape

Dec 19, 2023 By SecuritySenses In SecuritySenses
In the vast airspace of the aviation industry, procurement is a complex journey laden with many regulatory checkpoints. It's a unique dance between sticking to global standards and being in the pursuit of operational efficiency. This sector is often considered the lifeline of global connectivity. So, it still remains one of the most strictly monitored sectors. It's because when it comes to aviation, it's not about ticking boxes for the sake of it. The lives of millions of passengers depend on the regulations daily.
Read Post

The 443 Podcast - Episode 273 - Hacking the Crypto Supply Chain

Dec 19, 2023 By WatchGuard In WatchGuard
This week on the podcast, we cover a supply chain attack against one of the largest hardware cryptocurrency wallet manufacturers. After that, we discuss the latest Apache Struts vulnerability under active exploit by threat actors. We end the episode with our thoughts on a research blog post about a set of threat actors using an old school attack against modern targets. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.
View Video
upguard

Securing Your Supply Chain: Risk Management vs Security Management

Dec 15, 2023 By Leah Sadoian In UpGuard
Supply chain management has become a top priority for businesses due to the increasing use of digital technologies and geopolitical uncertainties, making global supply chains more vulnerable than ever to disruptions. This reality highlights two critical aspects of supply chain management: Supply Chain Risk Management (SCRM) and Supply Chain Security Management (SCSM).
Read Post
signmycode

What Is Software Supply Chain Security? Comprehensive Guide

Dec 12, 2023 By SignMyCode In SignMyCode

Software supply chain security is on the highest priorities list of an organization. It consists of every major and minor stakeholder, tool, application, and resource associated with a software development project. However, some organizations still need clarification about it or need to know how exactly they can maintain it and prevent attackers from exploiting the supply chain. But now, with this blog, everything will be cleared within minutes.

Read Post
mend

Six More Top Tips For Holistic AppSec and Software Supply Chain Security

Dec 12, 2023 By Sam Quakenbush In Mend

In my previous post, I began to list the ways you can strengthen your security posture, with some holistic approaches to application security and the software supply chain. In this second part of the series, let’s look at six more important considerations.

Read Post
ekran

Ekran System's Cyber Essentials Certification: Enhanced Software & Supply Chain Security

Dec 8, 2023 By Ekran In Ekran
At Ekran System, we take our security and the protection of our partners and customers seriously. Our commitment to delivering the best insider risk management services motivated us to align our own security posture to the current Cyber Essentials standards. We are proud to announce that we have obtained the certification!
Read Post
mend

Six Top Tips For Holistic AppSec and Software Supply Chain Security

Dec 8, 2023 By Sam Quakenbush In Mend

Developing applications and working within the software supply chain requires hard skills such as coding and proficiency in programming languages. However, protecting the software supply chain also requires some softer skills and an openness to strategies and tools that will strengthen your security posture. In this two-part series, we will discuss these considerations and how they support a holistic approach to application security and software supply chain security.

Read Post
synopsys

BSIMM14: Trends and recommendations to help improve your software security program

Dec 5, 2023 By Charlotte Freeman In Synopsys
The latest BSIMM report, now in its 14th iteration, contains information from more than 130 companies in eight verticals about what’s working, what isn’t, what’s changing about the risks and threat landscapes they’re facing, and how they’re responding to those changes. This annual report by the Synopsys Software Integrity Group helps organizations maximize the benefits and minimize the pain of a world run by software.
Read Post
Forescout

Forescout Vedere Labs discloses 21 new vulnerabilities affecting OT/IoT routers

Dec 5, 2023 By Forescout Vedere Labs In Forescout
Forescout Vedere Labs has identified a total of 21 new vulnerabilities affecting Sierra Wireless AirLink cellular routers and some of its open source components such as TinyXML and OpenNDS, which are used in a variety of other products.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.