March 20, 2023
Experts weigh in on a new OpenSSF SLSA framework survey — and the overall state of supply chain security practices.
March 15, 2023
GitHub is a weak link in the software supply chain. Finally, Microsoft is doing something about it — by forcing users into two-factor authentication (2FA).
March 14, 2023
Here’s how attackers are finding software development secrets buried in code repositories — and exploiting them.
March 14, 2023
Development secrets are critical for complex software to work, but hard to manage. That's why we're unveiling features to spot secrets leaks and exposures.
March 13, 2023
Here's what you need to know about the limits of app sec testing, and why comprehensive software supply chain security is critical to mitigating risk.
March 13, 2023
CircleCI and other recent hacks show how vulnerable secrets are on the software supply chain. Here's why an end-to-end security approach is essential.
March 9, 2023
Here are the key takeaways from the Colour-Blind remote access trojan, with insights from supply chain security experts.
March 8, 2023
Chris Hughes shares an overview of his co-authored upcoming book, “Software Transparency: Supply Chain Security in an Era of a Software-Driven Society.”