CISA best practices Archives

China, threats, scams, CISA TP-Link Volt Typhoon Salt Typhoon

Metadata of Americans Stolen in Chinese Hack: U.S. Official

Jeffrey Burt | December 5, 2024 | china espionage, CISA best practices, Salt Typhoon cyberattack, Telecom Cybersecurity

The call metadate of a "large number" of Americans was stolen by Chinese state-sponsored Salt Typhoon's hack of eight U.S. telecoms and dozens more around the world, according to U.S. officials, who ...

Security Boulevard

Securing your software supply chain with CISA’s new SBOM guidance

Aaron Linskens | November 4, 2024 | CISA best practices, SBOM, SBOM Manager, software bill of materials

With new and increasing cyber threats abound, navigating global software regulations and staying informed and compliant can seem like an unending task. To help mitigate risks within the software applications organizations use ...

2024 Sonatype Blog

Secure Software Development Attestation Form: Sonatype helps you comply

Ilkka Turunen | March 14, 2024 | CISA best practices, FEATURED, Federal, government, News and Views, secure software supply chain

On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) unveiled the final version of the Secure Software Development Attestation Form. This pivotal ...

Sonatype Blog

A demand for real consequences: Sonatype’s response to CISA’s Secure by Design

Brian Fox | February 23, 2024 | CISA best practices, Cybersecurity, government, News and Views, Thought Leaders

In the fast-changing fields of cybersecurity and software development, the importance of creating secure software is more crucial than ever. Recently, my colleagues and I at the Open Source Security Foundation (OpenSSF) ...

Sonatype Blog