May 24, 2023
In a recent survey, 300 practitioners were asked about the state of supply chain security. Here are takeaways from a webinar discussion about the survey.
May 9, 2023
OpenSSF's updated Supply-chain Levels for Software Artifacts is an essential tool, but experts say it's not a comprehensive supply chain security tool.
April 21, 2023
The surprising story of the supply chain hack of VoIP provider 3CX got even crazier this week. Here's what your application security need to know.
August 18, 2022
With software supply chain attacks surging, app sec teams should shift gears from legacy vulnerabilities to open-source repos, dev tools, and tampering.
June 13, 2022
Survey finds software supply chain security top of mind for dev teams — but tampering detection lags
A survey of more than 300 technology professionals found widespread concern about supply chain attacks, but only sporadic efforts to detect such attacks.
May 12, 2022
One year ago today, the White House released an Executive Order on Improving the Nation’s Cybersecurity. Here's where things stand.