Tag: supply chain security
Survey Surfaces Troubling Signs of Software Supply Chain Insecurity
A survey of software engineering professionals has uncovered disconcerting signs of software supply chain insecurity ...
Survey Surfaces Lots of Software Supply Chain Insecurity
A global survey of 900 application security professionals finds nearly two-thirds work for organizations that have had their software supply chains compromised in the past two years ...
OX Security Optimizes DevSecOps to Improve Application Security
OX Security updated its ASPM platform to enable DevSecOps teams to instantly identify applications with vulnerable code ...
Sysdig Identifies Cyberattacks on GitLab Platforms Using Binaries
The Sysdig Threat Research Team has found that cyberattacks using binaries written in Go and .NET are compromising on-premises editions of GitLab ...
Extending the GitOps Pipeline: DevSecOps and Trusted Application Delivery
The fusion of DevSecOps and trusted application delivery can extend the GitOps pipeline and add business value ...
npm is Scam-Spam Cesspool ¦ Google in Microsoft Antitrust Thrust
In this week’s #TheLongView: The npm registry suffers spam infestation, and Microsoft makes Google sad ...
Awareness of Software Supply Chain Security Issues Improves
A global survey of 167 software professionals suggested that, while there is a lot more awareness of application security issues, the adoption of DevSecOps best practices is still not pervasive. The survey, ...
Dev of core-js Will Flip Table ¦ Another 451 PyPI Maldeps
In this week’s #TheLongView: Denis Pushkarev is fed up with core-js freeloaders, and hundreds more malicious packages found at PyPI ...
Software Supply Chain Security Debt is Increasing: Here’s How To Pay It Off
Last year, the world woke up to the software supply chain dilemma. We saw a spike in attacks as hackers sought to exploit known and unknown vulnerabilities within dependencies. There is also ...
Secure Software Summit: Exploring Secure Coding Best Practices
In an era where software is dominating the world, the security and quality of code must remain a high priority. Delivering secure and reliable software at a rapid pace is crucial for most ...
WhiteSource Adds SBOM Tool That Lists Vulnerabilities
WhiteSource has added a software bill of materials (SBOM) tool to its portfolio that, in addition to capturing the components of an application, also surfaces vulnerabilities that should be addressed. Many organizations ...
Oxeye Platform Helps Fix Code Vulnerabilities
Fresh from raising $5.3 million in seed funding, Oxeye emerged this week from stealth to launch a namesake application security testing platform that, in addition to pinpointing issues in code, also provides ...