Recent Posts from Jaikumar Vijayan
November 30, 2023
While the new White House EO is largely focused on foundational AI, security teams reviewing AI initiatives are still in the hot seat.
November 1, 2023
SBOMs are essential — but making them useful is tricky in continuous integration/continuous deployment environments. Here are the key best practices.
October 26, 2023
OpenSSF's Secure Supply Chain Consumption Framework can help better lay out risk for open-source components — but remediation is left out of the picture.
April 4, 2023
Here's what you need to know about BuildKit, how to leverage its SBOM capabilities — and its limitations for comprehensive supply chain security.
March 1, 2023
Modern software development practices are a primary target for software supply chain attacks. Here's why traditional application security tools alone are not enough to mitigate these new risks.
January 25, 2023
Top leaders and practitioners from eBay, Fidelity, T-Mobile and Tasktop share lessons from the Log4Shell vulnerability. Here are four key takeaways.
January 18, 2023
Get out in front of software supply chain compliance requirements for a competitive advantage. Here's what your software organization needs to know.
November 21, 2022
GitOps can help control configuration drift and enable your infrastructure security to shift left, for starters. Here are four ways it can enable better software security.
July 6, 2022
Container adoption is ramping up. With software supply chain attacks also on the rise, you need to expand your software security approach. Here's how.