NIST raises the bar for federal software supply chain with call for SBOMs

The government’s standards body issued guidelines for secure development, asking firms selling to the government to implement a software bill of materials.

Log4j: Why your organization needs to embrace software bills of materials

This widespread vulnerability is an object lesson for why software development organizations and their customers should be using SBOMs.

Expanding Security Visibility To Reduce Software Supply Chain Risk

No doubt about it, the way malicious actors attack their targets through software is changing.

CISO’s Guide to Protecting Against Modern Software Risks

How to Rebuild Trust in the SDLC and 3rd Party Software Supply Chain

How to Detect Software Supply Chain Attacks

How Existing Cybersecurity Frameworks Can Curb Supply Chain Attacks

Implementing Processes and Controls to Disrupt Attackers

The NPM package that walked away with all your passwords

Detecting malware in package manager repositories