The CircleCI hack and software supply chain risks

In this episode, Matt breaks down the recent CircleCI hack by visualizing the integrated development environment (IDE) process. In doing so, he points out that not only does source code need to be secure, but also the development process itself in order to prevent incidents like the CircleCI secrets hack.

Keep learning

Field CISO at ReversingLabs. Matt Rose has an extensive background in application security, object-oriented programming, multi-tier architecture design and implementation, and internet/intranet development. His areas of expertise include Application Security, SAST, DAST, IAST, SCA, DevSecOps, and Threat Modeling. Matt is an accomplished public speaker and has been quoted in 50+ AST industry media publications.

The CircleCI hack and software supply chain risks

Typosquatting and software supply chain security

SCA Is Good. SSCS Is Better.

Reproducible Builds: Graduate Your Application Security

Spectra Assure Free Trial

Related episodes

Typosquatting and software supply chain security

SCA Is Good. SSCS Is Better.

Reproducible Builds: Graduate Your Application Security