Sonatype Launches Customer-Focused Program, Sonatype Innovate

As part of Sonatype’s unwavering commitment to our customer community, we’re excited to launch Sonatype Innovate—a program designed for innovators within the community, providing opportunities for collaboration, contribution, leadership, and profe…

UK Government to Step Up Supply Chain Security following US Presidential Executive Order on Cybersecurity

Threat actors are increasingly targeting mission-critical organizations in both ransomware attacks and novel supply-chain attacks. Whether by exploiting known vulnerabilities or taking advantage of other weaknesses in the ecosystem, the UK governm…

Biden’s Executive Order on Improving National Cyber Defense: Everything You Need to Know You Learned in Kindergarten

On May 12, 2021, the Biden Administration issued its much anticipated Executive Order (EO) on Improving the Nation’s Cybersecurity.

What is Dependency Confusion and Why Does it Matter in the Federal Sector?

In my years of experience supporting the federal government in different capacities, I have seen the evolution of attack methods match the pace of innovation as our information systems become even more advanced. No matter the state of the technolo…

Biden Executive Order on Cybersecurity Calls for Enhanced Software Supply Chain Security

The newly minted, and highly anticipated, Cybersecurity Executive Order from President Biden, marks the strongest stance ever taken by the Federal government in an attempt to secure our nation’s software supply chains from attack. For the first t…

Top 5 Reasons to join Sonatype’s 2021 DevSecOps Leadership Forum

Connect, learn, and grow in your DevSecOps journey at our 2021 North American DevSecOps Leadership Forum (DLF) taking place May 4, 2021 from 2-4 pm ET. Featuring real stories from eight industry experts at leading financial, healthcare and techn…

Meet the Developers Behind Sonatype’s Automated Malware Detection System Securing Open Source Supply Chains

Since we debuted our Advanced Development Pack in late 2020, Sonatype’s discovery of malicious packages infiltrating npm has been making headlines over and over [1, 2, 3, 4, 5].

Securing Software Supply Chains and Dependency Confusion – An Industry Perspective

Following a growing trend in software supply chain attacks which use “dependency or namespace confusion” techniques, I sat down for a discussion on software supply chain security with a few experts on the topic.

White House Releases Executive Order on America’s Software Supply Chains

Following the end of 2020 software supply chain attacks on SolarWinds that impacted multiple government agencies and private sector companies, President Biden issued a 2021 executive order asking for a comprehensive review of all government suppl…