Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

ionix

Asset hijacking: the digital supply chain threat hiding in plain sight

May 7, 2024 By Nethanel Gelernter May 7th, 2024 In IONIX
The digital supply chain refers to the chain of third-party digital tools, services and infrastructure that is depended on for a particular first-party service (such as your website or SaaS platform). In an ever-changing digital landscape, supply chains can be brittle with many unseen risks. The nature of supply chain risk is transitive; any part of the often long and complicated digital supply chain can be compromised, causing all components downstream of it to also be compromised.
Read Post

Take supply chain cyber risk management to the MAX

May 3, 2024 By SecurityScorecard In SecurityScorecard
MAX is a comprehensive managed service that proactively identifies critical cybersecurity vulnerabilities and issues throughout your entire supply chain. Once identified, MAX collaborates closely with your team and vendors to promptly address and resolve these vulnerabilities, fortifying your supply chain defenses against potential compromises. When it comes to supply chain cyber risk, MAX has your back.
View Video
jfrog

Leveraging Shift Left and Shift Right for End-To-End Application Security

May 2, 2024 By The JFrog Team In JFrog
Despite organizations’ best efforts, security threats are on the rise, with malicious actors continuously evolving their tactics. Unfortunately, the situation is only intensifying as hackers from all walks of life leverage artificial intelligence (AI) and machine learning (ML) techniques. To combat these threats, security teams need to implement gates and controls throughout their entire software development lifecycle.
Read Post
tripwire

Defending Against Supply Chain Spoofing in Critical Manufacturing

Apr 30, 2024 By Isla Sibanda In Tripwire
Supply chain attacks are a serious and growing threat to businesses across all industries. However, these attacks pose an even greater risk for manufacturers in critical infrastructure sectors. One pernicious form of supply chain attack is spoofing, where attackers impersonate legitimate suppliers to sneak malicious code or components into products. Research shows that 2023 had the highest number (2769 in the US alone) of entities affected by supply chain spoofing.
Read Post
ionix

Preventing Magecart Attacks Through Supply Chain Vulnerabilities

Apr 30, 2024 By Nethanel Gelernter April 30th, 2024 In IONIX
The digital supply chain refers to the chain of third-party digital tools, services and infrastructure that is depended on for a particular first-party service (such as your website or SaaS platform). In an ever-changing digital landscape, supply chains can be brittle with many unseen risks. The nature of supply chain risk is transitive; any part of the often long and complicated digital supply chain can be compromised, causing all components downstream of it to also be compromised.
Read Post

Securing the Supply Chain - Automating our Way Out of Security Whack-a-Mole

Apr 26, 2024 By GitGuardian In GitGuardian
Open-source components forever changed how we build software, but they are also a prominent security threat, nothing illustrated this better than the recent XZ library incident where the world narrowly avoided a massive supply chain attack. Join Gene Gotimer and Mackenzie Jackson to discuss how we can keep our open-source supply chains secure as we discuss: Security implications of vulnerable open-source components How using automation can help us move toward a secure supply chain How to discover and detect vulnerable components.
View Video
jit

When and How to Create a Software Bills of Materials (SBOM)

Apr 26, 2024 By Charlie Klein In Jit
A Software Bill of Materials (SBOM) inventories all of the open source components and other third-party libraries within a codebase. Much like IKEA instructions explain which parts are included in the package for your new furniture, an SBOM describes all of the third party components in your codebase. Most SBOMs contain the following information about the make-up of an application: Security vulnerabilities: a key use case for SBOM is understanding the security risks of third party components.
Read Post
bitsight

Championing Supply Chain Cybersecurity Amid Evolving Regulations-A New CISO Imperative

Apr 18, 2024 By Sabrina Pagnotta In BitSight
Supply chain cybersecurity and resilience have become pivotal across various cyber regulations, most notably NIS2 and DORA. In this blog, stemming from our latest ebook '5 Proven Strategies to Maximize Supply Chain Cyber Risk Management’, we will explore the reasons why resilience is a new mandate for CISOs today and, most importantly, how to secure the supply chain at scale—in line with evolving regulatory requirements.
Read Post
Subscribe to Supply Chain

Copyright © 2024 OpsMatters™. All rights reserved.