Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

upguard

Top 4 Categories of Supply Chain Management Tools in 2022

Mar 10, 2022 By Edward Kost In UpGuard

The rise in supply chain attacks has highlighted a significant issue in supply chain risk management (SCRM) - most organizations are unaware of the potential risks in their supply chain. This limitation is caused by a discontinuity between cybersecurity initiatives and the threat landscape of global supply chains. Supply chain ecosystems are unpredictable, dynamic, and always evolving.

Read Post

Mitigating Risks in Software Supply Chain

Mar 8, 2022 By Snyk In Snyk
By 2025, 45% of organizations worldwide will have experienced attacks on their software supply chains (Gartner) which are only becoming increasingly complex due to the changes in how modern software is built. These trends, together with new federal regulations, require organizations to take action to ensure the security and integrity of their software. But this is easier said than done.
View Video

Are We Forever Doomed By Software Supply Chain Risks?

Mar 7, 2022 By Snyk In Snyk
The adoption of open-source software continues to grow and creates significant security concerns for everything from software supply chain attacks in language ecosystem registries to cloud-native application security concerns. In this session, we will explore how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes, and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.
View Video
Forescout

New Supply Chain Vulnerabilities Impact Medical and IoT Devices

Mar 7, 2022 By Daniel dos Santos, Elad Luz In Forescout

Forescout’s Vedere Labs, in partnership with CyberMDX, have discovered a set of seven new vulnerabilities affecting PTC’s Axeda agent, which we are collectively calling Access:7. Three of the vulnerabilities were rated critical by CISA, as they could enable hackers to remotely execute malicious code and take full control of devices, access sensitive data or alter configurations in impacted devices.

Read Post

Securing the Digital Supply Chain Ep 8 - Terence Jackson CISO, SLG, Microsoft

Feb 26, 2022 By Riscosity In Riscosity
In this episode of Securing the Digital Supply Chain we talk with terence Jackson, CISO at Microsoft for State and Local Government customers! We have a great time talking about the trends in the Software Supply Chain area as well what can CISOs focus on to get quick wins for their organizations. Terence brings a wealth of experience from small to medium scale to large enterprise organizations and applies them to various security challenges to effectively solve them.
View Video
mend

A Guide To Implementing Software Supply Chain Risk Management

Feb 24, 2022 By Alfrick Opidi In Mend

Software supply chain risks are escalating. Between 2020 and 2021, bad actors launched nearly 7,000 software supply chain attacks, representing an increase of more than 600%. Without identifying and managing security risks within the supply chain, you could be exposing your critical assets to attacks. Implementing a supply chain risk management strategy is essential to staying ahead of the potential threats and making the most of your software.

Read Post
bytesafe

Software supply chain risks to keep an eye on in 2022

Feb 24, 2022 By Andreas Sommarström In Bytesafe

As a supply chain security vendor, the growth is far from surprising for us at Bytesafe - with the supply chain being a noticeable security blind spot for many organizations. A massive 62% of organizations claim to have been impacted by supply chain attacks in 2021 alone. Incidents like log4j, ua-parser-js and colors.js/faker.js have once again shown that it’s vital to use services like the Bytesafe Dependency Firewall.

Read Post
lookout

Breaking the Chain: Are You the Unintended Victim of a Supply Chain Attack?

Feb 18, 2022 By Hank Schless In Lookout

We’ve heard a lot about “supply chains” of various industries over the past couple of years, and the cybersecurity sector is no exception. When Colonial Pipeline was compromised by ransomware, it affected the physical supply of gasoline to consumers. On the software side, malware distributed through a SolarWinds update and vulnerabilities discovered in Apache’s Log4J created rippling effects for organizations around the world.

Read Post

Copyright © 2024 OpsMatters™. All rights reserved.