Security Boulevard

JANUARY 29, 2024

Gain insights into the Gartner® report and learn how to mitigate enterprise software supply chain risks by integrating software supply chain security into vendor risk management.

Software 70

Software Risk 70

Security Boulevard

SEPTEMBER 14, 2023

Learn about supply chain security, supply chain attacks, and how to protect your organization against this severe threat. The post Software Supply Chain Security: The Basics and Four Critical Best Practices appeared first on Mend.

Software 76

Software 76

Security Boulevard

JANUARY 16, 2024

Software supply chain attacks are now mainstream events — a change in tactics by cyber-attackers that you can measure in headlines, which in recent years have delivered news about attacks on popular software tools including MOVEIt, 3CX, and CircleCI.

Software 57

Software Cyber Attacks 57

InfoWorld on Security

DECEMBER 15, 2021

Modern software development practices make securing the software supply chain more important than ever. Our code has dependencies on open source libraries which have dependencies on other libraries and so on—a chain of code that we didn’t develop, didn’t compile, and have little or no idea where it came from.

Software 120

Software 120

eSecurity Planet

OCTOBER 26, 2021

As threat actors aim at IT supply chains , enhanced cybersecurity has been the recent driving force for industry adoption of the Software Bill of Materials (SBOM) framework. SBOMs also offer protection against licensing and compliance risks associated with SLAs with a granular inventory of software components.

Software 124

Software Risk Healthcare Cybersecurity 124

Security Boulevard

JULY 23, 2023

Permalink The post BSides Sofia 2023 – Alexandar Andonov – The Secure Software Supply Chain Function S3C appeared first on Security Boulevard. Our thanks to BSides Sofia for publishing their presenter’s tremendous BSides Sofia 2023 content on the organizations’ YouTube channel.

Software 98

Software Architecture CISO Education 98

Security Boulevard

OCTOBER 25, 2021

Most readers are also aware that an increasing number of cyberattacks target the software supply chain. The devastating SolarWinds attack in 2020 was followed by the supply chain attack on Colonial Pipeline that disrupted fuel supplies in the eastern U.S.,

Software 122

Software 122

Google Security

APRIL 26, 2023

Bob Callaway, Staff Security Engineer, Google Open Source Security team Last week the Open Source Security Foundation (OpenSSF) announced the release of SLSA v1.0 , a framework that helps secure the software supply chain. It’s especially gratifying to see SLSA reaching v1.0

Software 89

Software Internet Internet Engineering 89

CSO Magazine

JUNE 9, 2022

Notable incidents such as SolarWinds and Log4j have placed a focus on software supply chain security. They have also sent security teams in search of tools to ensure the integrity of software from third parties. To read this article in full, please click here

Software 109

Software Accountability 109

Security Boulevard

JANUARY 3, 2023

In this blog, we’ll take a look at Part One of the Securing The Software Supply Chain series released by the NSA, the CISA, and the ODNI. The post What does the Federal Guidance on Securing the Software Supply Chain Mean for Developers? appeared first on Security Boulevard.

Software 98

Software 98

Security Boulevard

MAY 16, 2022

Where You Can Find the Industry-First Software Supply Chain Security Toolkit. The interactive, web-based guide to software supply chain security. Jetstack, a Venafi company, has taken a giant leap forward in providing clarity and direction for teams securing software supply chains.

Software 98

Software Risk Technology 98

Security Boulevard

JULY 24, 2023

As artificial intelligence (AI) captivates the hearts and minds of business and technology executives eager to generate rapid gains from generative AI, security leaders are scrambling. The post AI and the software supply chain: Application security just got a whole lot more complicated appeared first on Security Boulevard.

Artificial Intelligence 98

Artificial Intelligence Software Technology Risk 98

Bleeping Computer

SEPTEMBER 1, 2022

National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released guidance today with tips on how to secure the software supply chain. [.].

Software 98

Software Cybersecurity 98

Security Boulevard

OCTOBER 24, 2022

The post SBOMs are critical to software supply chain security — but only the first step in your journey appeared first on Security Boulevard.

Software 120

Software 120

CSO Magazine

NOVEMBER 1, 2022

Organizations of every shape, size, and sector have embraced open-source software (OSS). The financial, medical, and manufacturing industries – and even national security – now use OSS to power their most critical applications and activities. To read this article in full, please click here

Software 93

Software Government Manufacturing 93

Security Boulevard

JANUARY 24, 2023

There are several best practices for securing the software supply chain. There are an average of 203 open source dependencies per repository in today’s software supply chains. The post Best Practices for Securing the Software Supply Chain appeared first on Security Boulevard.

Software 52

Software 52

Security Boulevard

DECEMBER 5, 2022

With supply chain attacks surging, now is the time to reflect — and look forward. The post The state of software supply chain security report: Top takeaways for development and SOC teams appeared first on Security Boulevard. ReversingLabs’ new report explores trends, best practices and more.

Software 98

Software 98

CyberSecurity Insiders

MAY 5, 2023

By Doug Dooley, COO, Data Theorem The software supply chain has become increasingly complex and dynamic with the rise of cloud computing, open-source software, and third-party software components and APIs. SBOMs provide transparency and visibility into the software supply chain.

Software 80

Software Penetration Testing Mobile Risk 80

CSO Magazine

JUNE 22, 2022

The term “factory” related to software production might seem bizarre. However, software is produced in a factory construct as well. Software factory” generally refers to the collection of tools, assets and processes required to produce software in an efficient, repeatable and secure manner.

Software 87

Software Architecture Manufacturing 87

Veracode Security

MAY 27, 2023

Introduction In today's interconnected world, securing the software supply chain is crucial for maintaining robust application security. Insecure code downloads can introduce vulnerabilities that compromise the integrity of your software. Regularly…

Software 59

Software Risk 59

Security Boulevard

SEPTEMBER 19, 2022

. The post Arming the Defender Force and Securing the Software Supply Chain: Helping Developers Implement CISA Best Practices – Part 1 appeared first on Security Boulevard.

Software 98

Software Firewall Cybersecurity 98

CSO Magazine

SEPTEMBER 15, 2022

Software supply chain attacks are on the rise, as cited in the Cloud Native Computing Foundation’s (CNCF’s) Catalog of Supply Chain Compromises. Industry leaders such as the Google, Linux Foundation, OpenSSF, and public sector organizations such as NIST have provide guidance on the topic over the past year or so.

Software 73

Software Government Cybersecurity 73

Security Boulevard

JANUARY 13, 2023

. Security teams should consider software supply chain risk through a new lens after the latest CircleCI incident. The post The CircleCI hack is a red flag for security teams on software supply chain risk appeared first on Security Boulevard.

Software 70

Software Risk Hacking 70

Security Boulevard

JULY 17, 2023

One of the biggest threats to software supply chain security is open source software applications and components. But vulnerabilities in open source software present a risk because they can provide cyber criminals.

Software 52

Software Risk Small Business 52

Security Boulevard

OCTOBER 20, 2022

Welcome to the latest edition of The Week in Security , which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.

Software 57

Software Cybersecurity Risk Government 57

Malwarebytes

JUNE 19, 2022

At the start of the global coronavirus pandemic, nearly everyone was forced to learn about the “supply chain.” But then a big ship got stuck in the Suez, and once again, we learned even more about the vulnerability of supply chains. In time, those items returned to stores. They can handle little stress.

Software 61

Software Government Malware 61

Security Boulevard

MARCH 13, 2023

Financial services companies need to make software supply chain security (SSCS) an integral part of their application security (app sec) testing programs because app sec and DevOps testing practices that focus on addressing vulnerabilities in pre-deployment and post-deployment code are no longer sufficient to mitigate security risks.

Financial Services 52

Financial Services Software Risk 52

Security Boulevard

MAY 16, 2022

Where You Can Find the Industry-First Software Supply Chain Security Toolkit. The interactive, web-based guide to software supply chain security. Jetstack, a Venafi company, has taken a giant leap forward in providing clarity and direction for teams securing software supply chains.

Software 52

Software Risk Technology 52

Security Boulevard

FEBRUARY 28, 2023

Over the last several years, supply chain risk management has evolved into a leading factor for most enterprise security teams. The post Software supply chain security and SBOM automation: The next big step in risk management appeared first on Security Boulevard.

Software 52

Software Risk 52

Security Boulevard

OCTOBER 13, 2022

Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of cybersecurity. This week: Google Cloud takes a swing at software supply chain risk.

Software 52

Software Risk Cybersecurity 52

Security Boulevard

DECEMBER 8, 2022

Welcome to the latest edition of The Week in Security , which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond. This week: An Iranian APT group carried out a data wiping software supply chain attack globally.

Software 52

Software Cybersecurity 52

ForAllSecure

JANUARY 3, 2023

Last month, the National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and Office of the Director of National Intelligence (ODNI) released the final installment of its Securing The Software Supply Chain series. Secure Product Criteria and Management.

Software 52

Software Government Architecture Cybersecurity 52

Security Boulevard

NOVEMBER 8, 2022

At the Forrester Security & Risk Forum, ReversingLabs Field CISO Matt Rose talks about what an SBOM provides — and how it can be put to good use. The post Forrester Security & Risk talk: Go beyond the SBOM for software supply chain security appeared first on Security Boulevard.

Software 52

Software Risk CISO 52

ForAllSecure

JANUARY 4, 2023

In a previous blog post , we looked at the federal government’s recent release of the Securing The Software Supply Chain series, in particular, p art one: guidance for developers. The new Securing the Software Supply Chain Guidance makes numerous references to the document. ” PW 8.2

Software 52

Software Penetration Testing Technology Government 52

Security Boulevard

SEPTEMBER 15, 2021

Over the past year, COVID-19 fundamentally transformed how people live and work, how companies interact with customers, how customers shop and buy, and how physical and digital supply chains function.

Software 57

Software Cyber Attacks 57

Security Boulevard

FEBRUARY 7, 2023

The post C-SCRM: We’re from the government — and we’re here to help with software supply chain security appeared first on Security Boulevard.

Government 52

Government Software Network Security 52

Dark Reading

AUGUST 6, 2020

It may sound look intimidating, but with a few tweaks to tools and processes already in use, it's not hard to get a head start on improving security posture of the software supply chain.

Software 75

Software 75