%term

Uplevel your supply chain risk management

Apr 20, 2023 By SecurityScorecard In SecurityScorecard

We’ve entered Week #3 of National Supply Chain Integrity Month, an initiative that CISA and other government agencies started to highlight the importance of securing our nation’s most critical systems and ensuring they stay resilient. For Weeks #1 and #2, I wrote about maturing your third-party risk management program and securing the small business supply chain.

Read Post

SecurityScorecard

Read more about Uplevel your supply chain risk management

Introducing GitGuardian Honeytoken

Apr 19, 2023 By GitGuardian In GitGuardian

We are proud to introduce you to the GitGuardian Honeytoken module. Honeytokens are decoy credentials that don't allow any real access but instead trigger alerts that reveal the IP address of whoever tried to use them. GitGuardian honeytokens can be used for intrusion detection in your own environments and tools. You can also plant our honeytokens in your SaaS vendors' systems to be alerted if a core vendor in the supply chain has been compromised. Placing honeytokens in your source code help you detect when your code has been leaked publicly, indicating a code leak.

View Video

GitGuardian

Read more about Introducing GitGuardian Honeytoken

Supply Chain Security: Secrets and Modern Security Frameworks (Part III)

Apr 19, 2023 By Guest Expert In GitGuardian

In this final part, we'll discuss more software supply chain security frameworks and the critical role of secrets detection in them. We'll explore the NIST SSDF, SLSA, and OSC&R frameworks and how they cover the topic of secrets in software supply chain security.

Read Post

GitGuardian

Read more about Supply Chain Security: Secrets and Modern Security Frameworks (Part III)

The 443 Podcast, Ep. 236 - Another Software Supply Chain Attack

Apr 18, 2023 By WatchGuard In WatchGuard

This week on The 443, Corey Nachreiner and Marc Laliberte discuss the latest software supply chain attack with a potential blast radius of thousands of organizations. They then cover a new protocol vulnerability in the Wi-Fi wireless standard before ending with some research into insecure Microsoft Azure applications.

View Video

WatchGuard

Read more about The 443 Podcast, Ep. 236 - Another Software Supply Chain Attack

Prepare for Zero-Day Threats in Your Supply Chain

Apr 14, 2023 By SecurityScorecard In SecurityScorecard

Leading cybersecurity experts Major General John F. Wharton, (US Army ret); Oleg Strizhak, Shell’s Digital Supply Chain Risk Manager; and Sam Curry, the CISO of Zscaler, recently sat down with SecurityScorecard’s President of International Operations Matthew McKenna to discuss how organizations can prepare themselves and their supply chains for zero-day attacks as well as best practices for supply chain risk management.

Read Post

SecurityScorecard

Read more about Prepare for Zero-Day Threats in Your Supply Chain

Top 5 uses of blockchain in supply chain

Apr 11, 2023 By Liz Harris In DataTrails

It’s April, designated National Supply Chain Integrity month by CISA, NCSC, ONCD and Department of Defense, to promote resources, tools, and information to help organizations and agencies secure their supply chains and build resilience. But what role does blockchain play in supply chain and how easy is it to implement? Blockchain technology has numerous potential applications in supply chain due to its ability to provide a secure, transparent, and tamper-proof ledger of transactions.

Read Post

DataTrails

Read more about Top 5 uses of blockchain in supply chain

IONIX Wins Best Attack Surface Management (ASM) Solution in the 2023 Cybersecurity Excellence Awards Program

Apr 10, 2023 By IONIX In IONIX

IONIX Reveals and Reduces the Expanding Attack Surface and its Digital Supply Chains.

Read Post

IONIX

Read more about IONIX Wins Best Attack Surface Management (ASM) Solution in the 2023 Cybersecurity Excellence Awards Program

How resilient is your supply chain?

Apr 6, 2023 By SecurityScorecard In SecurityScorecard

This week kicks off the 6th annual National Supply Chain Integrity Month, an initiative started by CISA and other government agencies to highlight the importance of securing our nation’s most critical systems. This year’s theme, “Supply Chain Risk Management (SCRM) – The Recipe for Resilience,” is meant to encourage all stakeholders to apply a comprehensive approach in their efforts to strengthen cyber defenses.

Read Post

SecurityScorecard

Read more about How resilient is your supply chain?

How to Detect and Mitigate the 3CXDesktopApp Supply Chain Attack

Apr 5, 2023 By Shivram Amirtha and Forescout Vedere Labs In Forescout

On March 29, researchers from two security companies identified an active campaign originating from a modified version of a legitimate, signed application: 3CXDesktopApp, a popular voice and video conferencing software. 3CXDesktopApp is developed by 3CX, a business communications software company. According to its website, 3CX has 600,000 client organizations and 12 million daily users.

Read Post