AppSec and Software Supply Chain Security: How Do They Go Together?

AppSec and Software Supply Chain Security are two terms more frequently used as part of DevOps, as well as when considering how to develop a security strategy. Software supply chain attacks are on the rise and organizations must brace for the strong possibility that their software supply chain will be a ...

EPSS Vs CVSS: How Do They Compare?

The tech industry loves its acronyms and one that is grabbing attention these days is the Exploit Prediction Scoring System (EPSS). Since many people are more familiar with the Common Vulnerability Scoring System (CVSS), the question becomes, what is the difference between the two scores? A definition of both is ...

How Are SBOMs Shared? New Findings From A CISA SBOM Survey

In a post published earlier this week, we delved into the sharing lifecycle phases of a Software Bill of Materials (SBOM) from a report the Cybersecurity and Infrastructure Security Agency (CISA) recently released. Included within the report was a survey on the current state of SBOM sharing among stakeholders, in which ...

What to Know About the CISA Software Bill of Materials Sharing Lifecycle Phases

As Software Bill of Materials (SBOM) adoption efforts mature, a report recently released by the Cybersecurity and Infrastructure Security Agency (CISA) provides guidance to users in selecting suitable SBOM sharing platforms based on the amount of time, resources, subject-matter expertise, effort, and access to tooling available to them to implement a ...

The Biggest Risks to the Software Supply Chain

Software supply chain risk is an increasingly hot topic because attention to the supply chain has grown in recent years. Its importance has naturally attracted the attention of hackers, so protecting the software supply chain is paramount. A 2023 software supply study found that organizations recognize, and have been impacted ...

The Cyber Resilience Imperative for Software Supply Chain Security

The concepts of cyber resilience and software supply chain security go hand in hand. It’s heartening that many organizations now recognize the cybersecurity landscape continues to evolve and grow more sophisticated and are taking steps to increase their security posture. However, not enough are working on becoming cyber resilient, especially ...