Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

jfrog

The Software Supply Chain Risks You Need to Know

Sep 6, 2022 By Nati Davidi, SVP JFrog Security In JFrog

Code that an organization’s developers create is only the beginning of modern software development. In fact, first-party code is likely to be only a small proportion of an application – sometimes as little as 10% of the application’s artifact ecosystem. An enterprise’s software supply chain is made of many parts, from many sources: open source packages, commercial software, infrastructure-as-code (IaC) files, and more.

Read Post

PyPi Malware Stealing Discord and Roblox Payment Info

Aug 25, 2022 By Snyk In Snyk
Raul Onitza-Klugman, Senior Security Researcher at Snyk, joins Kyle to take a deep dive in to the latest set of malicious packages discovered by the Snyk Security Research team. Join us as we discuss how these findings came to be, what they mean for open source security, and some hypotheses about the future of supply chain security.
View Video
netskope

How Do We Secure Our Software Supply Chain?

Aug 24, 2022 By Pramod Rana In Netskope

Software supply chain is anything and everything that contributes to making software functional. This includes code in the developer system, the CICD pipeline, dependencies, binaries, and deployed software in production, as well as people, processes, and the technology space. With the growing adoption of assembling software from distributed, unmanaged components rather than building it from scratch, more often than not, organizations are not aware whose, or what, code is running within their software.

Read Post
Pentest People

Current Cyber Security Trends Pt1

Aug 15, 2022 By AlexArchondakis In Pentest People

As we pass the halfway point of 2022, it’s worth taking a look at the current trends which have been present within the cyber security world and what to look out for in the future. Being aware of trends allows organisations to plan for the future and put processes or defences in place before they’re required.

Read Post
tripwire

Supply Chain Cybersecurity - the importance of everyone

Aug 11, 2022 By Tripwire Guest Authors In Tripwire

This week, I spoke with a new client who told me all about how they are looking forward to addressing a number of internal issues surrounding their IT systems. They explained that over the last 12 months, they repeatedly had issues of delays in service and outages, which had affected their business. Discussing this further, I explored their relationship with the supplier and asked what due diligence they had performed prior to working with them.

Read Post
nightfall

Dissecting Supply Chain Attacks: A Report on a Growing Sensitive Data Exposure Vector

Jul 19, 2022 By Michael Osakwe In Nightfall

Third-party risk has always been a concern for organizations, but since COVID and the rise of remote work, we’ve seen a dramatic acceleration in campaigns leveraging software supply chain attacks. Not just through open source vulnerabilities, but through closed source applications and services as well. To adapt to this new normal, it’s important to develop an understanding of supply chain attacks and protect yourself from them.

Read Post

Copyright © 2026 OpsMatters™. All rights reserved.