Search results: provenance analysis

2024 Open Source Security and Risk Analysis Report


Explore key insights into the evolving open source landscape from the 2024 OSSRA report. Learn about the latest OSS trends and effective management strategies. The post 2024 Open Source Security and Risk Analysis ...
SLSA Provenance Blog Series, Part 4: Implementation Challenges for SLSA Provenance for Enterprises

In previous parts of the series, we dived into the concept of SLSA Provenance and the in-toto framework that empowers it. Next, we learned about the challenges of adopting SLSA provenance as an ...
ESF steps up supply chain security guidance with call for binary analysis


One of the more significant aspects of a new document on software supply chain security from the Enduring Security Framework (ESF) is the recommendation of binary analysis and reproducible builds as best practices ...
DoD cybersecurity

The Power of Provenance: From Reactive to Proactive Cybersecurity

While next-gen firewalls (NGFW), extended detection and response (XDR) and other security solutions do a great job of detecting and thwarting cyberattacks, it’s just too common for a sneaky or camouflaged threat ...
Security Boulevard
Open Source Analysis Extends Your Visibility

When we think of open source analysis, security is often the first thing that comes to mind. But open source analysis is so much more than just security. It gives you visibility ...
The Role of Static Analysis in the EU Medical Devices Regulation (MDR)


The move to digitization and automation is happening in the medical industry as it is in others – almost every medical device requires software. Wireless connectivity is becoming increasingly important in order ...
How CISA’s secure software development attestation form falls short


The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the White House’s Office of Management and Budget (OMB) have released their Secure Software Development Attestation Form, a long-anticipated worksheet that asks organizations ...

Securing Your Software Development in Compliance with CISA: How OX Security Simplifies the Process

The Cybersecurity and Infrastructure Security Agency (CISA) recently released its new Secure Software Development Attestation Form, which mandates significant responsibilities and declarations from software producers to ensure the security and integrity of ...
The missing piece in image scanning


Introduction: In the dynamic landscape of cloud-native cybersecurity, image scanning has become essential to ensuring the safety and ... The post The missing piece in image scanning appeared first on ARMO ...

How Public AI Can Strengthen Democracy

With the world’s focus turning to misinformation, manipulation, and outright propaganda ahead of the 2024 U.S. presidential election, we know that democracy has an AI problem. But we’re learning that AI has ...