
SBOM

Creating DataTrails for Supply Chain Artifacts

In a world where software is produced, distributed, and re-distributed, how do you ensure the software you consume is authentic and safe for your environment? How do you know the software you deployed yesterday is safe today? Most software exploits are discovered after the software has been deployed, which raises the question: It’s not just about getting software updates, as the majority of exploits are distributed as updates. Staying updated isn’t the most secure.

Customize your Access Policies with DataTrails

Signing up with DataTrails comes with the ability to share your audit trails with your business partners, other applications, and your internal team. Access policies control users, apps & organizations’ read & write privileges to provenance data in DataTrails. If you’re using an integration, access policies offer a way to fine-tune these integrations, giving specific permissions to add to and read your records.

How to generate a software bill of materials

The complexity of modern applications (think open source, proprietary and commercial code) makes the management of software supply chain security a business-critical effort. Robust software supply chain security requires a thorough understanding of your organization’s software components, with complete visibility into the makeup of your code, and that is best achieved with a Software Bill of Materials (SBOM).

What is Data Provenance?

Data provenance is a technology field that aims to help businesses increase trust through transparency of data, specifically by tracking the origin, change, and history of data and making it verifiable. Recently, the benefits of data provenance have become more important than ever. With the emergence of generative AI, all it takes is a few button clicks for anyone to create or manipulate data and convince others that fake data is trustworthy and real.

How Transparency Can Stop Invoice Fraud

The average cost of invoice fraud to middle-market businesses is almost $280,000 per year. Invoice fraud affects businesses of all sizes, and the levels of fraud have increased in part because it’s not possible to manually authenticate every invoice that comes in, with many businesses paying out invoices without authentication if they’re under a certain amount. Today’s information security rules and regulations can’t keep up.

Beyond SBOMs: The Future of Software Supply Chain Security

The recent executive order requiring SBOMs (Software Bills of Materials) from those supplying software to the federal government has been instrumental in advancing the conversation around software supply chain security, but SBOMs are just the tip of the iceberg and, quite possibly, not even the most interesting or promising part. Cisco distinguished engineer Ed Warnicke and Cisco technical marketing engineer Michael Chenetz were joined by Aeva Black (OmniBor Project, Microsoft), Brandon Lum (Guac and Google), Dan Lorenc (Wolfi/Chainguard), and Cole Kennedy (TestifySec).

DataTrails: Sharing and Verifying Immutable Audit Trails

You can share an immutable audit trail with a link or a QR code that is automatically created when provenance and authenticity metadata is recorded in your DataTrails account. After you sign in to your DataTrails account on your smartphone, Anyone can use Instaproof or the DataTrails API to verify the authenticity, provenance and audit trails of public images.

How to Easily Generate An Accurate Software Bill of Materials (SBOM) with Black Duck | Synopsys

Did you know that open source code constitutes up to 95% of the code in your applications? This creates a web of dependencies that can pose security, quality, and compliance risks. Black Duck provides a solution by helping you generate an accurate software bill of materials (SBOM) in minutes, giving you visibility into your software supply chain. Watch the video to streamline your SBOM generation process and take control of your software supply chain.