Proliferation of DevOps Tools Introduces Risk

One of the main contributors to the weak security posture of development environments is the complexity and knowledge gap created by the number of tools and services involved in this process. With more than a hundred CI/CD tools to choose from and hun…

Biden EO Has Teeth, But May Prove Difficult to Implement

President Biden served up an Executive Order, prompted by fallout from the SolarWinds attack, that has drawn praise for the administration’s obvious commitment to cybersecurity and a willingness to put the weight of the federal government’s purchasing…

Enterprises Misplace Trust in Partners, Suppliers

In an era when many organizations are focused on building zero-trust access control architectures, many are paradoxically extending considerable trust to the third parties they enable to access their systems remotely. And that trust is placing them at…

Time to Rethink Your Security Strategy

As you may have heard, a massive breach of Microsoft Exchange servers was revealed in the last several weeks. The attack is not over yet. We can always wait for another attack and blame another vendor, but when it comes to Microsoft, well, who can we …

Don’t Let the Fox Watch the Henhouse: Securing Firmware

Recent attacks have caused the security industry to direct significant attention to supply chain security. As organizations look to address those challenges, it’s critical to start with what is arguably the most integral piece of the supply chain: the…

White House Releases Executive Order on America’s Software Supply Chains

Following the end of 2020 software supply chain attacks on SolarWinds that impacted multiple government agencies and private sector companies, President Biden issued a 2021 executive order asking for a comprehensive review of all government suppl…

Mitigating Third-Party Supply Chain Breaches

The recent SolarWinds data breach was so pervasive it sent shivers through the industry. Who exactly was affected? How deep were the incursions? What are the long-term implications? How will this impact critical areas of the global supply chain? The u…

Securing the Software Supply Chain Goes Beyond Application Development

In July 2017, one of the biggest data breaches was due to an insecure and out-of-date web application platform. This breach would have been prevented if the Apache Struts platform the web application ran on had the most recent updates applied. Thi…

Akamai: Cyber Attacks Now Being Weaponized

A report published by Akamai at the close of 2019 advises cybersecurity teams to expect to see many more weaponized cyber attacks in the New Year. Larry Cashdollar, an Akamai security researcher, said going into 2020 an overlap between criminal develo…