Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

signmycode

Software Supply Chain Attacks: Notable Examples and Prevention Strategies

Mar 19, 2024 By SignMyCode In SignMyCode
Supply chain attack is a kind of cyberattack which targets the network that is made up of suppliers, vendors, contractors and other business partners that organizations rely on to provide goods and services. As opposed to directly attacking a target organization’s systems or infrastructure, attackers use supply chain vulnerabilities to gain unauthorized access or compromise the integrity of products or services.
Read Post
veracode

A Timely Shift: Prioritizing Software Security in the 2024 Digital Landscape

Mar 13, 2024 By Chris Wysopal In Veracode
The release of the February 2024 White House Technical Report, Back to the Building Blocks: A Path Towards Secure Measurable Software, brings about a timely shift in prioritizing software security. Software is ubiquitous, so it’s becoming increasingly crucial to address the expanding attack surface, navigate complex regulatory environments, and mitigate the risks posed by sophisticated software supply chain attacks.
Read Post

The Expanding Web of Organizational Supply Chains and Security Risks || Razorthorn Security

Feb 22, 2024 By Razorthorn In Razorthorn
In this video, we delve into the intricate web of organizational supply chains and the heightened complexities they bring to the realm of cybersecurity. With the interconnected nature of modern businesses, from retailers to manufacturers to insurers, the reliance on numerous other entities introduces a myriad of potential vulnerabilities. Join us as we explore the evolving landscape of malicious activities and data breaches, highlighting the exponential growth in complexity over the past two decades.
View Video
SecurityScorecard

Top 10 Cybersecurity Questions to Ask Your Vendors: A step-by-step guide to reduce supply chain risk

Feb 22, 2024 By SecurityScorecard In SecurityScorecard
A cybersecurity vendor questionnaire is vital in assessing the competency and reliability of potential partners. It serves as a comprehensive tool to evaluate various aspects crucial for safeguarding sensitive data and infrastructure. Through detailed inquiries about security protocols, compliance measures, incident response plans, and past breach incidents, the questionnaire helps gauge the vendor’s commitment to robust cybersecurity practices.
Read Post
cycognito

The Long Tail of the Supply Chain: Leveraging Exposure Management to Mitigate Risk from Current or Former Vendors

Feb 20, 2024 By Emma Zaballos In CyCognito
Every organization must prioritize the security of its systems and the protection of its customers’ sensitive information, but exposure doesn’t only happen through applications your own team develops and controls. Incidents like the recent exposure of customer data by Juniper Networks serve as stark reminders of the challenges and risks associated with managing the exposure of software, hardware, and services that you use.
Read Post
Featured Post
ThreatQuotient

Leveraging Threat Intelligence for Regulatory Compliance

Feb 16, 2024 By Cyrille Badeau, Vice-President International Sales In ThreatQuotient
The US Government recently announced that state-sponsored Chinese cyber group Volt Typhoon has compromised multiple critical infrastructure organisations' IT networks in the US and is preparing "disruptive or destructive cyber attacks" against communications, energy, transport, water and waste water systems. The announcement, which was supported by national cybersecurity agencies in Australia, Canada, UK, and New Zealand, is a sobering reminder that modern life relies on digital networks. From healthcare, banking, and socialising, to energy, water, local and national government - everything has a digital aspect.
Read Post
jfrog

Secure Access To Your Software Development with GitHub OpenID Connect (OIDC) and JFrog

Feb 14, 2024 By Yonatan Arbel In JFrog
Modern software development requires a seamless connection between multiple software development tools – particularly those used for code management and storing your software artifacts. Connecting between these tools often involves managing a variety of tokens, permissions, passwords, and keys, which if not handled correctly can expose organizations to potential security threats.
Read Post
datatrails

Creating DataTrails for Supply Chain Artifacts

Feb 7, 2024 By Steve Lasker In DataTrails
In a world where software is produced, distributed, and re-distributed, how do you ensure the software you consume is authentic and safe for your environment? How do you know the software you deployed yesterday is safe today? Most software exploits are discovered after the software has been deployed, which raises the question: It’s not just about getting software updates, as the majority of exploits are distributed as updates. Staying updated isn’t the most secure.
Read Post

Copyright © 2024 OpsMatters™. All rights reserved.