DevOps.com

MAY 18, 2023

A survey of 397 IT, cybersecurity and application development professionals conducted by Enterprise Strategy Group (ESG) found that while most respondents work for organizations that have adopted DevOps practices, multiple software supply chain security issues and DevSecOps concerns have yet to be addressed.

DevOps 129

DevOps Software Survey Groups 129

DevOps.com

MARCH 21, 2023

A global survey of 167 software professionals suggested that, while there is a lot more awareness of application security issues, the adoption of DevSecOps best practices is still not pervasive.

Software 132

Software Open Source Survey Applications 132

TechCrunch

DECEMBER 8, 2021

The spies, working for Russia’s foreign intelligence service, had first targeted SolarWinds, an IT company whose software helps to remotely manage the networks of thousands of businesses, Fortune 500 organizations and federal government agencies. federal government.

Software 225

Software Open Source Company Network 225

DevOps.com

MAY 23, 2023

Red Hat today announced a portfolio of cloud services designed to better secure software supply chains. The expanded portfolio includes Red Hat Trusted Application Pipeline to secure continuous integration/continuous delivery (CI/CD) workflows and Red Hat Trusted Content offerings to better secure software components.

Software 108

Software Continuous Delivery Continuous Integration Cloud 108

DevOps.com

MAY 5, 2023

A global survey of 300 global executives, technology and security professionals found software containing vulnerabilities (82%) followed by secrets leaked through source code (55%), malicious code (52%) and suspicious code (46%) posed a serious risk to the business.

Software 112

Software Survey Research Technology 112

DevOps.com

FEBRUARY 21, 2024

Organizations can maintain their DevOps momentum while protecting the software supply chain by shifting security left.

DevOps 82

DevOps Software Organization Continuous Delivery 82

DevOps.com

MARCH 15, 2022

The open source software (OSS) supply chain is under attack. As evidenced by the recent Log4Shell vulnerability, the OSS supply chain is increasingly a focus for attackers seeking to exploit weak links in security.

Software 142

Software Open Source Research Report 142

DevOps.com

MAY 23, 2023

The software supply chain has become increasingly complex and dynamic with the rise of cloud computing, open source software and third-party software components and APIs. Widespread damage can occur if third-party APIs, cloud services, SDKs and open source software have security flaws.

Software 102

Software Open Source Cloud Software Development 102

DevOps.com

OCTOBER 18, 2022

JFrog today added a JFrog Advanced Security module to its Artifactory repository that enables DevOps teams to scan both binaries and source code for vulnerabilities and misconfigurations. The post JFrog Adds Module to Better Secure Software Supply Chains appeared first on DevOps.com.

Software 143

Software DevOps Applications Development 143

DevOps.com

JANUARY 18, 2022

Recently, there’s been a lot of attention paid to software supply chain security. The post Using Open Source to Secure Software Supply Chains appeared first on DevOps.com. There are […].

Open Source 143

Open Source Software Architecture Government 143

DevOps.com

JANUARY 26, 2023

Last year, the world woke up to the software supply chain dilemma. Such supply chain attacks have increased by a shocking 742% over the past […] The post Software Supply Chain Security Debt is Increasing: Here’s How To Pay If Off appeared first on DevOps.com.

Software 141

Software How To DevOps 141

DevOps.com

APRIL 12, 2022

A survey of 1,750 IT security decision-makers published today found that, despite a series of high-profile cybersecurity breaches, nearly two-thirds (62%) of respondents have done nothing to secure their software supply chain. And nearly three-fourths (71%) of respondents admitted […].

Survey 135

Survey Software Software Development Development 135

DevOps.com

JUNE 6, 2023

Deepika Chauhan, chief product officer for DigiCert, said the addition of these capabilities to the DigiCert Software Trust Manager service would make it simpler for organizations to operationalize a methodology for securing […] The post DigiCert Allies With ReversingLabs to Secure Software Supply Chains appeared first on DevOps.com.

Software 104

Software Analysis Organization Continuous Delivery 104

Aqua Security

APRIL 14, 2022

Trivy is an easy-to-use, comprehensive open source scanner that helps developers gain visibility into the software components used in their applications. With the growing awareness about supply chain security, software bills of materials (SBOMs) have become the standard for creating software inventory lists.

Software 142

Software Open Source Industry Applications 142

Aqua Security

FEBRUARY 9, 2023

As reliance on software increases in both personal and professional contexts, security of the software supply chain has become a critical concern. Ensuring the security and quality of software is essential for protecting against digital attacks, data breaches, and other cyber threats.

Software 98

Software Analysis Data 98

DevOps.com

APRIL 25, 2023

The term ‘software supply chain security’ (SSC) can be interpreted in many ways. Following the White House executive order in May 2021 and the European Cyber Resilience Act (CRA) of 2022, both governments and corporations are taking a more active role in ensuring their software is secure.

Report 112

Report Software Government Continuous Delivery 112

DevOps.com

OCTOBER 11, 2022

At the Google Cloud Next ’22 conference, Google today launched a managed Software Delivery Shield (SDS) service to enable DevOps team to store, manage and secure the build artifacts in Artifact Registry. The post Google Looks to Secure Software Supply Chains appeared first on DevOps.com.

Software 112

Software Google Cloud Conference DevOps 112

DevOps.com

APRIL 7, 2022

Google today revealed it has been working with GitHub to create a forgery-proof method for signing source code as part of an ongoing effort to better secure software supply chains. The post Google Allies With GitHub to Secure Software Supply Chains appeared first on DevOps.com.

Software 135

Software Open Source Programming Technology 135

DevOps.com

DECEMBER 7, 2021

Lately, software supply chains find themselves in a very interesting and uncomfortable position—the industry spotlight—and not in a good way. While significant and costly breaches such as SolarWinds or Kaseya make front-page news, supply chain attack tactics (e.g.

Analysis 123

Analysis Software Industry Open Source 123

CTOvision

JUNE 28, 2021

Read Bernadine Racoma explain how small and medium businesses can protect their software supply chains from cyber threats on MarTech Series : According to the National Cyber Security Centre (NCSC), there are many challenges that organizations face on a day-to-day basis. This is […].

Software 159

Software Organization 159

DevOps.com

SEPTEMBER 9, 2022

As supply chain attacks become increasingly prevalent, visibility is emerging as a necessity in cybersecurity. One way to improve visibility and secure your software supply chain is with a software bill of materials (SBOM). An SBOM is a list of all the components within a codebase.

DevOps 103

DevOps Software Open Source Continuous Delivery 103

DevOps.com

OCTOBER 7, 2022

Composed of an infrastructure stack of mash-up code, hundreds of open source and commercial components, services and APIs, today’s software supply chain is fraught with security risks. The post Protecting CI/CD Pipelines to Secure the Software Supply Chain appeared first on DevOps.com.

Software 115

Software Open Source Infrastructure Applications 115

DevOps.com

OCTOBER 10, 2022

The post Endor Labs Applies Graph Analysis to Secure Software Supply Chains appeared first on DevOps.com.

Analysis 127

Analysis Software Applications Organization 127

DevOps.com

JULY 14, 2022

Scribe Security today unveiled a Scribe Integrity tool that scans software artifacts to make sure they comply with IT organizations’ security policies before they are integrated into an application. The post Scribe Security Unveils Pair of Tools to Secure Software Supply Chains appeared first on DevOps.com.

Tools 104

Tools Software Open Source Authentication 104

DevOps.com

JUNE 21, 2021

Google is proposing organizations adopt a framework for securing the integrity of software artifacts across a software supply chain. The post Google Proposes SLSA Framework to Secure Software Supply Chains appeared first on DevOps.com.

Software 116

Software Open Source Product Management Organization 116

InfoWorld

MAY 9, 2024

GitHub has introduced Artifact Attestations, a software signing and verification feature based on Sigstore that protects the integrity of software builds in GitHub Actions workflows. Artifiact Attestations is now available in a public beta. To read this article in full, please click here

Software 80

Software Policies Tools 80

DevOps.com

OCTOBER 26, 2022

At the KubeCon + CloudNativeCon North America conference this week, JFrog announced it contributed the Pyrsia project, which uses blockchain technologies to secure software packages, to the Continuous Delivery (CD) Foundation.

Software 103

Software Blockchain Continuous Delivery Conference 103

Synopsys

DECEMBER 14, 2021

Effective software supply chain risk management requires security measures throughout the entire supply chain. The post How to cyber security: Software supply chain risk management appeared first on Software Integrity Blog.

Software 78

Software How To Open Source Analysis 78

DevOps.com

MARCH 9, 2021

The Linux Foundation today embraced a sigstore project founded by Red Hat, Google and Purdue University to make it simpler for developers to employ cryptographic software, enabled by transparency log technologies, to secure software supply chains.

Linux 84

Linux Software Engineering Technology 84

DevOps.com

APRIL 19, 2024

Expect attacks on the open source software supply chain to accelerate, with attackers automating attacks in common open source software projects and package managers.

Open Source 125

Open Source Software Data Continuous Delivery 125

Prisma Clud

DECEMBER 1, 2022

As the systems we use to deliver software to the cloud get more complex and reliant on third-party components, they also leave more opportunities for attacks. Just last year, software supply chain attacks jumped 51% , which is proof that bad (and creative) actors are capitalizing on these weaknesses.

Weak Development Team 91

Weak Development Team Software Review Software Open Source 91

CTOvision

JUNE 22, 2021

A secure software supply chain has become essential to fulfilling government missions. Massive cyberattacks like SolarWinds highlight the serious risks to the enterprise that insecure software can create.

Software 107

Software Government Enterprise 107

Synopsys

NOVEMBER 22, 2021

BSIMM12 reports increased attention on software security due to recent supply chain disruptions. Get recommendations for managing supply chain risks. The post Effective software security activities for managing supply chain risks appeared first on Software Integrity Blog.

Software Review 64

Software Review Software Report Open Source 64

Coveros

MAY 25, 2021

CEO Jeff Payne discusses best practices for protecting your software delivery process from supply chain attacks with Business Development Manager Kim Trott. Today we’re going to be talking about software supply chain attacks with Coveros founder and CEO Jeff Payne. What is a Supply Chain?

Software Review 52

Software Review Software Open Source Systems Review 52

Tenable

NOVEMBER 27, 2023

How can SBOM adoption help beef up software supply chain security? Why CISA and NSA are pushing SBOM adoption to help organizations beef up software supply chain security. Why is the U.K. cyber agency urging cyber teams to prepare for quantum computing attacks? Why the U.K.

Artificial Intelligence 65

Artificial Intelligence Artificial Inteligence Software Policies 65

Darktrace

JANUARY 13, 2022

In the first prediction of our Future of Cyber Security series, Justin Fier explains why IT and communications is now the number one most targeted sector and why he expects the number of cyber-attacks on the software supply chain will only continue to rise in 2022.

Software 105

Software 105

Aqua Security

JANUARY 12, 2023

With recent software supply chain attacks on the rise, CISOs being held personally liable, and the United States government requiring minimum security software standards for any products and services they procure, the development industry is refocusing on software development strategies that make security a priority.

Guidelines 52

Guidelines Software Software Development Government 52