
How to Speed Up TPRM Approvals with Spectra Assure
In the world of third-party software procurement, speed is often at odds with security. Risk managers and procurement officers know the pain: a single software request can trigger weeks, sometimes months, of ...

Accelerate PQC Migration: How to Leverage CBOMs for Cryptographic Asset Discovery
As quantum computing threatens to undermine today’s cryptographic standards, organizations must move quickly to achieve crypto-agility and secure their software supply chains. This blog post explores how a Cryptography Bill of Materials ...

DoD issues new marching orders on secure software and SBOMs
The push for software that is secure by design as well as for improved software supply chain security is gaining momentum with new marching orders from the U.S. Department of Defense (DoD) ...

OWASP’s Chat Playground lets security teams toy with gen AI
John P. Mello Jr. | AppSec & Supply Chain Security, Artificial Intelligence (AI)/Machine Learning (ML)
Chat Playground, a new interactive tool for learning about securing generative AI models, has been launched by the OWASP Gen AI Security Project. Steve Wilson, co-chair of the Gen AI Security ...

Why Using SCA to Build Your SBOMs is a Risky Proposition
Organizations that generate software bills of materials (SBOMs) by feeding software manifests into software composition analysis (SCA) tools capture only 49.91% of the components that make up final, published software packages, a ...

CISO’s open letter on third-party software risk is a call to action
Jai Vijayan | AppSec & Supply Chain Security, Third-Party Cyber Risk Management (TPCRM), Third-Party Risk Management (TPRM)
The accelerated adoption of software as a service (SaaS) has fundamentally changed software consumption patterns, but it has also introduced a significant concentration of risk across enterprise environments and global critical infrastructure ...

Detection as code: How to enhance your real-time threat detection
Detection as code (DaC) is a powerful way for security teams to streamline rule development, automate threat detection, and respond to attacks with greater speed and precision. The DaC approach applies formal software ...

Malicious attack method on hosted ML models now targets PyPI
Artificial intelligence (AI) and machine learning (ML) are now inextricably linked to the software supply chain. ML models, including large language models (LLMs), are powering the enterprise — and ...

How Spectra Assure’s SaaSBOM Delivers Software Transparency
In today’s interconnected world, software is rarely designed to function in isolation. Applications increasingly rely on external services and APIs to extend their functionality and implement useful features. Development teams can ...