Recent Posts from Matt Rose
March 13, 2023
CircleCI and other recent hacks show how vulnerable secrets are on the software supply chain. Here's why an end-to-end security approach is essential.
February 23, 2023
The new CISA office for Cyber Supply Chain Risk Management (C-SCRM) could make a difference with clear and consistent guidance for industry and government.
February 14, 2023
Software teams are facing growing supply chain complexity and threats. Here's why SCA should evolve beyond open source licensing and vulnerabilities.
January 23, 2023
ChatGPT and GitHub Copilot seem like a win for developers under pressure to release new features continuously. But the code produced by generative AI needs serious scrutiny.
January 13, 2023
Security teams should consider software supply chain risk through a new lens after the latest CircleCI incident.