Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

Snyk

NPM security: preventing supply chain attacks

Nov 7, 2022 By Liran Tal In Snyk

NPM security has been a trending topic in the media in recent years, mostly in reference to npm packages available on the ecosystem rather than the npm registry itself. The increasing security risk, that applies to developers and software we build, makes it even more important to understand how to prevent supply chain attacks and other security vulnerabilities related to software development life cycle.

Read Post
jfrog

Supply Chain Security for Open Source: Pyrsia at CD Summit and KubeCon 2022

Nov 7, 2022 By Sudhindra Rao In JFrog

I was super excited to be at Kubecon+CloudNativeCon this year. Kubecon has managed to build a great community that goes beyond Kubernetes and has been a good catalyst in bringing together people passionate about OpenSource. Kubecon also has attracted a lot of interest due to the quality of sessions, the number of co-located events, and the opportunity to connect with peers, partners and friends.

Read Post

[Webinar] Software Supply Chain Security & Attacks: The True, the False, and the Most Lethal

Nov 4, 2022 By GitGuardian In GitGuardian
What do high-profile incidents like SolarWinds SUNBURST, Codecov bash uploader, Log4Shell, ua-parser-js, or the more recent IconBurst all have in common? They’re all supply chain attacks... except one. Exploding interest in the security of the software development lifecycle from the media, industry analysts, vendors, and agencies, has left the rest of us, developers and security engineers, with many confusing definitions for supply chain attacks.
View Video
tripwire

Keeping threat actors away from your supply chain

Nov 2, 2022 By Tripwire Guest Authors In Tripwire

The supply chain is a complex environment that goes deep inside a business and involves the majority of its infrastructure, operations, personnel, and outer relations: vendors, partners, and customers. To protect that matrix is extremely difficult, as there are numerous sensitive nodes, lines, and processes that a security team has to take care of: software and hardware resources, cloud, hybrid and local environments, platforms, and web apps.

Read Post

Supply Chain Security Intro Workshop

Nov 1, 2022 By JFrog In JFrog
More and more attacks are aimed at the entire supply chain, which means that we developers are increasingly targeted by the attackers. Attacks like the SolarWinds hack show us that making sure you don’t use vulnerable dependencies isn’t enough. The attackers have their sights set on the entire development process with its components. In this workshop, we will look at the first steps and try them out in practice which will enable you to integrate the topic of security into your everyday life as a developer.
View Video

Bridging the trust gap in connected supply chains

Oct 27, 2022 By DataTrails In DataTrails
In these ultra connected times we increasingly need to share data between organizations. But how can you trust data that’s been generated outside your boundary walls? By another organization or a machine? That’s the trust gap, and that’s where RKVST comes in. Instead of bridging that gap with manual processes, verifying and auditing every document, RKVST takes that same risk management approach but automates it so you can trust the data, documents supply chain information at scale.
View Video

How zero trust helps reduce risk in connected supply chains

Oct 27, 2022 By DataTrails In DataTrails
What is zero trust and how does a zero trust approach helps reduce risk in connected supply chain decision making? Find out how RKVST helps automate the tracking and sharing of supply chain evidence you can rely on, by integrating with the tools businesses already use today. Jon Geater and Rob Brown from RKVST discuss zero trust at InfoSecurity Europe, London, June 2022.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.