Why an SBOM Strategy is Essential Worldwide
Join Veracode and Cybeats as they engage in a discussion breaking down all of the details from creation to strategies around SBOMs.
Security | Threat Detection | Cyberattacks | DevSecOps | Compliance
The Latest Cybersecurity News & Insights From Around The World
SBOM
Bridging the trust gap in connected supply chains
In these ultra connected times we increasingly need to share data between organizations. But how can you trust data that’s been generated outside your boundary walls? By another organization or a machine? That’s the trust gap, and that’s where RKVST comes in. Instead of bridging that gap with manual processes, verifying and auditing every document, RKVST takes that same risk management approach but automates it so you can trust the data, documents supply chain information at scale.
How zero trust helps reduce risk in connected supply chains
What is zero trust and how does a zero trust approach helps reduce risk in connected supply chain decision making? Find out how RKVST helps automate the tracking and sharing of supply chain evidence you can rely on, by integrating with the tools businesses already use today. Jon Geater and Rob Brown from RKVST discuss zero trust at InfoSecurity Europe, London, June 2022.
RKVST - the Archivist of the modern internet
RKVST (pronounced Archivist) is an evidence platform that delivers a reliable chain of custody for supply chain data. It proves and verifies who did what when to any asset in the supply chain which can then be shared with supply chain partners. Jon Geater , Chief Product Officer, talks about RKVST at InfoSecurity Europe, London, June 2022.
SBOMs Enhance Software Supply Chain Security
The software supply chain has been in the news of late, and not for good reasons. Security incidents that have made headlines and led to costly damages have brought a lot of attention to this area. Perhaps the most noteworthy recent example of a vulnerability in the supply chain was the flaw with Apache Log4j discovered in late 2021. Logj4 is a Java package that’s located in the Java logging systems and is essentially a Java library for logging error messages in applications.
Report Finds SBOMS Are Catching On
The idea of using software bill of materials (SBOM) is catching on with organizations, according to a new survey from Ponemon Institute and Rezilion. But deploying an SBOM in and of itself does not guarantee success. Organizations need to move toward Dynamic SBOMs that use automated features in order to provide much greater value. An SBOM is a list of all the components in a given piece of software.
Dynamic SBOM = SBOM + VEX
In recent months there has been a lot of discussion around the importance of Software Bills of Materials (SBOM) and Vulnerability Exploitability Exchange (VEX) when it comes to managing software vulnerabilities. Organizations can combine the SBOM and VEX to get a more contextualized view of the actual risk present in their environment. In this blog post, we examine how SBOMs and VEX do not need to be 2 artifacts.
RKVST Launches RKVST Free and RKVST Team SaaS Supply Chain Integrity, Transparency and Trust Solution
Green aerospace company SATAVIA chooses RKVST Team to provide immutable evidence trails for aviation industry carbon offsets.
A Guide to SBOM Formats
A software bill of materials – or SBOM – plays an important role in providing much-needed visibility into the details of software components and the supply chain. As an SBOM is developed, it should adhere to a format or standard that defines a unified structure for how it will be generated and shared with customers.
Establishing trust in your software supply chain with an SBOM
A software Bill of Materials or SBOM provides transparency into an organization’s software, protecting it from supply chain risks. Just because the component you add to your application is secure today doesn’t mean that the application will still be secure tomorrow.