Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

Snyk

Cybersecurity Venture's 2023 Software Supply Chain Attack Report

Oct 10, 2023 By Sydney Milligan In Snyk

Most enterprises' critical infrastructure and operational pipelines rely on an intricate web of software, online services, and cloud applications. This level of complexity makes supply chain risk management one of (if not the) biggest challenges for CISOs today. Today, malicious actors choose to exploit software supply chain vulnerabilities rather than just target end users. These SSC attacks have caused some of the most notable cybersecurity incidents and data breaches in recent years.

Read Post
bulletproof

Tech Talk: Supply Chain Hardware Hacking

Oct 2, 2023 By Chay Donohoe In Bulletproof

This is a Bulletproof Tech Talk article: original research from our penetration testing team covering issues, news, and tech that interests them. It’s more technical and in-depth that our usual blog content, but no less interesting. Some readers may remember an article published by Bloomberg entitled "The Big Hack: How China used a Tiny Chip to Infiltrate U.S. Companies".

Read Post
gitguardian

Protecting Your Software Supply Chain: Understanding Typosquatting and Dependency Confusion Attacks

Sep 29, 2023 By Guest Expert In GitGuardian

Typosquatting and dependency confusion are two common tactics used by hackers to exploit open-source package repositories. Understand how these attacks work and discover preventive measures to secure your infrastructure.

Read Post

Holistic AppSec and Software Supply Chain Security

Sep 26, 2023 By Mend In Mend
AppSec and software supply chain security require more than a loose collection of tools and a vulnerability remediation process. A holistic approach covers risk assessment, a secure software development life cycle, software composition analysis (SCA), SBOMs, static and dynamic application security testing (SAST/DAST), workflow automation, automated remediation, runtime protections, compliance reporting and more. Successful implementation of this holistic approach enables companies to shrink their overall attack surface and reduce technical and security debt.
View Video
mend

What Role Should Dependency Management Play as the Regulation of the Software Supply Chain Escalates?

Sep 26, 2023 By Adam Murray In Mend

Two big trends are now converging that will change the way we view and implement software supply chain security and make dependency management a vital part of assuring security. Let’s look at why and how this is happening, and what it means for dependency management.

Read Post

The Next-Gen Software Supply Chain by Shlomi Ben Haim | CEO & Co-founder, JFrog

Sep 22, 2023 By JFrog In JFrog
The evolution from DevOps and CI/CD to cloud-native technologies, microservices architecture, security and governance - and now all the way to automation and Artificial Intelligence - requires a new generation of SSC management that aims to deliver software faster, with higher quality, enhanced security, and improved customer experiences. In this session, we’ll share insights from over 7,000 JFrog customers, and what the Fortune 100 list tells us about where the software supply chain is headed Next!
View Video

Incorporating Every Element - SSC as a Platform by Yoav Landman | CTO & Co-founder, JFrog

Sep 22, 2023 By JFrog In JFrog
Managing and securing the software supply chain end-to-end is one of the most difficult challenges facing DevOps and DevSecOps teams today. As developers continue to push all boundaries on the left and right side of the software release cycle, enterprise focus remains on binaries, and their movement through the pipeline automatically and securely. See how an integrated, consistent platform approach is the only way to solve next-gen supply chain challenges!
View Video

Copyright © 2024 OpsMatters™. All rights reserved.