In a new ReversingLabs Software Supply Chain Risk Survey, IT pros say supply chain security poses an “enterprise-wide” risk that traditional app sec tools can't address.
One software supply chain attack caused another, making it a first for the industry. Also: Malware spreads via apps in the Google Play Store.
Software supply chain security is taking center-stage at RSAC 2023. Here are the talks you don't want to miss.
Secrets are increasingly exposed during software development, creating a field-day for malicious actors. Here are key takeaways from our special report series, Secrets Exposed.
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
Here's why some security practitioners question the term — and what they think app sec teams should focus on instead.
Experts break down the incident, and explain how app sec tools are evolving to detect and prevent such attacks.
CPGs are now better aligned with NIST's Cybersecurity Framework (CSF), and supply chain goals have been added. MFA guidance is also new.
Here's what you need to know about BuildKit and its Supply Chain Levels for Software Artifacts (SLSA) provenance capabilities for SBOMs.
The compromise was limited to their app. But there's a bigger lesson: Supply chain security complacency comes with a cost.
Flaws quickly spread across the supply chain. Here's how researchers at Alpha Omega and beyond are automating fixes.
Welcome to the latest edition of The Week in Security, which brings you the newest headlines from both the world and our team across the full stack of security: application security, cybersecurity, and beyond.
The vulnerabilities left the door open to malicious plug-in updates. Here's what you need to know.
Software secrets are in the crosshairs of malicious actors. Here are three key steps to mitigate risk — and best practices your team can take to prevent future breaches.
.webp&w=3840&q=75)
While best practices adoption for AppSec is up, many supply chain security problems remain, the OpenSSF SLSA framework survey shows.