Using a Software Bill of Materials (SBOM) is Going Mainstream

I read a couple of advisories by Caleb Queern of KPMG entitled "What Are SBOMs?" and "Which Teams In My Organization Can Help Reduce Risk Using SBOM's?" These articles bring a smile ...
UPDATE: 21 SaltStack Breaches with 2900 Still Vulnerable

UPDATE for May 31, 2020: We first published this story over a week ago, but adversaries don't rest. On Friday, Cisco announced that they have discovered SaltStack compromises on six of their ...

Gartner: Mitigate Risk By Hardening the Software Supply Chain

When molten steel is immersed in water it transforms into one of the world’s strongest materials. A resilient software supply chain is no different. Hardened steel requires combining alloys; a hardened software ...

Why You Need a Software Bill of Materials More Than Ever

Imagine that a new vulnerability in lodash was just announced. Applications using the npm package are being exploited through large scale automated DoS attacks. You need to act quickly to understand if ...