Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Supply Chain

datatrails

Supply chain integrity, transparency and trust is now firmly on the agenda

Nov 8, 2022 By Liz Harris In DataTrails

Supply chain risk continues to make headlines, from Solarwinds and Kaseya to last week’s announcement of a patch for the OpenSSL vulnerability, and the latest cybersecurity review from the U.K.’s National Cyber Security Centre highlights the serious threats posed by supply chain attacks.

Read Post
Polar Security

9 Steps to Ensure a Secure Data Supply Chain

Nov 8, 2022 By Nimrod Iny In Polar Security

In today’s data-driven world, businesses view data as a crucial business asset. Companies gather growing volumes of information from increasingly diverse data sources. Coupled with distributed and complex IT environments, this interwoven data landscape presents cyber threats through data supply chain risks.‍ A statistic exemplifying data supply chain risks is that 45 percent of data breaches occur in cloud computing systems, many of which aren’t owned by the companies that use them.

Read Post
Snyk

NPM security: preventing supply chain attacks

Nov 7, 2022 By Liran Tal In Snyk

NPM security has been a trending topic in the media in recent years, mostly in reference to npm packages available on the ecosystem rather than the npm registry itself. The increasing security risk, that applies to developers and software we build, makes it even more important to understand how to prevent supply chain attacks and other security vulnerabilities related to software development life cycle.

Read Post
jfrog

Supply Chain Security for Open Source: Pyrsia at CD Summit and KubeCon 2022

Nov 7, 2022 By Sudhindra Rao In JFrog

I was super excited to be at Kubecon+CloudNativeCon this year. Kubecon has managed to build a great community that goes beyond Kubernetes and has been a good catalyst in bringing together people passionate about OpenSource. Kubecon also has attracted a lot of interest due to the quality of sessions, the number of co-located events, and the opportunity to connect with peers, partners and friends.

Read Post

[Webinar] Software Supply Chain Security & Attacks: The True, the False, and the Most Lethal

Nov 4, 2022 By GitGuardian In GitGuardian
What do high-profile incidents like SolarWinds SUNBURST, Codecov bash uploader, Log4Shell, ua-parser-js, or the more recent IconBurst all have in common? They’re all supply chain attacks... except one. Exploding interest in the security of the software development lifecycle from the media, industry analysts, vendors, and agencies, has left the rest of us, developers and security engineers, with many confusing definitions for supply chain attacks.
View Video
tripwire

Keeping threat actors away from your supply chain

Nov 2, 2022 By Tripwire Guest Authors In Tripwire

The supply chain is a complex environment that goes deep inside a business and involves the majority of its infrastructure, operations, personnel, and outer relations: vendors, partners, and customers. To protect that matrix is extremely difficult, as there are numerous sensitive nodes, lines, and processes that a security team has to take care of: software and hardware resources, cloud, hybrid and local environments, platforms, and web apps.

Read Post

Supply Chain Security Intro Workshop

Nov 1, 2022 By JFrog In JFrog
More and more attacks are aimed at the entire supply chain, which means that we developers are increasingly targeted by the attackers. Attacks like the SolarWinds hack show us that making sure you don’t use vulnerable dependencies isn’t enough. The attackers have their sights set on the entire development process with its components. In this workshop, we will look at the first steps and try them out in practice which will enable you to integrate the topic of security into your everyday life as a developer.
View Video
Subscribe to Supply Chain

Copyright © 2024 OpsMatters™. All rights reserved.