March 7, 2023
Here's what you need to know about app sec's addiction to vulnerabilities — and why application security needs to evolve to take on supply chain security.
March 7, 2023
The new National Cybersecurity Strategy will punish big software developers for failing to follow best practices. And, for the first time, make them liable.
March 2, 2023
New details expose that the recent hack on LastPass was worse than previously thought. Also: CISA has called for for software makers who develop insecure software to be held liable.
March 1, 2023
LastPass has revealed a little more about the vault breach that occurred during August last year. And there are big, big lessons to be learned for DevSecOps teams.
March 1, 2023
Modern software development practices are a primary target for software supply chain attacks. Here's why traditional application security tools alone are not enough to mitigate these new risks
February 28, 2023
Here's a look at the state of Software Bills of Materials (SBOMs) — and why automating them is the next big step in managing software supply chain risk.
February 27, 2023
The CircleCI breach reveals a bigger story on secrets. Matt Rose and Chris Wilder discuss lessons learned.
February 23, 2023
The Circle CI breach and other recent hacks expose why the secrets problem is so prolific. Learn the why in this first post in our Secrets Revealed series.