Supply Chain Security - Security Ticks

Verifying Software Integrity With Sigstore

software, Supply Chain Security / SecurityTicks

Verifying Software Integrity With Sigstore 11/07/2023 at 17:48 By Matt Honea Signing code is very important to defend against supply chain attacks, but it’s also one of the most cumbersome to implement for internal development. The post Verifying Software Integrity With Sigstore appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed […]

React to this headline:

Verifying Software Integrity With Sigstore Read More »

Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech

credentials, Funding/M&A, Infisical, open source, secrets sprawl, Supply Chain Security / SecurityTicks

Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech 05/07/2023 at 19:47 By Ryan Naraine Infisical banks $2.8 million in seed funding as investors continue to bet on companies in the software supply chain security space. The post Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech appeared first on SecurityWeek. This article

React to this headline:

Infisical Snags $2.8M Seed Funding for Secrets Sprawl Security Tech Read More »

Rapid7: Japan Threat Landscape Takes on Global Significance

APT, Cyberwarfare, Japan, Nation-State, Ransomware, Supply Chain Security / SecurityTicks

Rapid7: Japan Threat Landscape Takes on Global Significance 29/06/2023 at 18:46 By Kevin Townsend Rapid7 analyzes the Japan threat landscape and warns that attacks against the third-largest economy in the world have global consequences. The post Rapid7: Japan Threat Landscape Takes on Global Significance appeared first on SecurityWeek. This article is an excerpt from SecurityWeek

React to this headline:

Rapid7: Japan Threat Landscape Takes on Global Significance Read More »

HashiCorp Buys BluBracket for Secrets Scanning Tech

BluBracket, Funding/M&A, HashiCorp, M&A Tracker, secrets scanning, supply chain, Supply Chain Security / SecurityTicks

HashiCorp Buys BluBracket for Secrets Scanning Tech 27/06/2023 at 23:24 By Ryan Naraine HashiCorp acquires BluBracket secrets-scanning technology to help businesses block accidental leaks and fight secret sprawl. The post HashiCorp Buys BluBracket for Secrets Scanning Tech appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React to

React to this headline:

HashiCorp Buys BluBracket for Secrets Scanning Tech Read More »

Software Supply Chain: The Golden Container Ship

SBOM, Supply Chain Security, Vulnerabilities / SecurityTicks

Software Supply Chain: The Golden Container Ship 12/06/2023 at 15:18 By Matt Honea By having a golden image you will put a process in place that allows you to quickly take action when a vulnerability is found within your organization. The post Software Supply Chain: The Golden Container Ship appeared first on SecurityWeek. This article

React to this headline:

Software Supply Chain: The Golden Container Ship Read More »

SBOMs – Software Supply Chain Security’s Future or Fantasy?

Featured, Government, Government Policy, open source, SBOM, software, Supply Chain Security, Vulnerabilities / SecurityTicks

SBOMs – Software Supply Chain Security’s Future or Fantasy? 05/06/2023 at 14:39 By Kevin Townsend If after eighteen months, meaningful use of SBOMs is unachievable, we need to ask what needs to be done to fulfill Biden’s executive order. The post SBOMs – Software Supply Chain Security’s Future or Fantasy? appeared first on SecurityWeek. This

React to this headline:

SBOMs – Software Supply Chain Security’s Future or Fantasy? Read More »

Researchers Spot APTs Targeting Small Business MSPs

APT, Nation-State, Ransomware, Supply Chain Security / SecurityTicks

Researchers Spot APTs Targeting Small Business MSPs 24/05/2023 at 21:37 By Ryan Naraine Proofpoint warns that APT actors linked to Russia Iran and North Korea are increasingly targeting small- and medium-sized businesses. The post Researchers Spot APTs Targeting Small Business MSPs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View

React to this headline:

Researchers Spot APTs Targeting Small Business MSPs Read More »

Red Hat Pushes New Tools to Secure Software Supply Chain

Application Security, open source, Red Hat, Supply Chain Security / SecurityTicks

Red Hat Pushes New Tools to Secure Software Supply Chain 23/05/2023 at 17:49 By Ryan Naraine Red Hat rolls out a new suite of tools and services to help mitigate vulnerabilities across every stage of the modern software supply chain. The post Red Hat Pushes New Tools to Secure Software Supply Chain appeared first on

React to this headline:

Red Hat Pushes New Tools to Secure Software Supply Chain Read More »

China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud With United States

China, Supply Chain Security / SecurityTicks

China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud With United States 22/05/2023 at 14:20 By Associated Press China’s government told users of computer equipment deemed sensitive to stop buying products from the biggest U.S. memory chipmaker, Micron. The post China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud

React to this headline:

China Tells Tech Manufacturers to Stop Using Micron Chips, Stepping Up Feud With United States Read More »

Pimcore Platform Flaws Exposed Users to Code Execution

Supply Chain Security, Vulnerabilities / SecurityTicks

Pimcore Platform Flaws Exposed Users to Code Execution 19/05/2023 at 23:09 By Ionut Arghire Security researchers are warning that newly patched vulnerabilities in the Pimcore platform bring code execution risks. The post Pimcore Platform Flaws Exposed Users to Code Execution appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original

React to this headline:

Pimcore Platform Flaws Exposed Users to Code Execution Read More »

Investors Make $6M Bet on Manifest for SBOM Management Technology

Funding/M&A, Supply Chain Security / SecurityTicks

Investors Make $6M Bet on Manifest for SBOM Management Technology 18/05/2023 at 22:05 By Ryan Naraine Manifest raises $6 million in seed funding to help businesses generate, collect, and manage software bill of materials (SBOMs). The post Investors Make $6M Bet on Manifest for SBOM Management Technology appeared first on SecurityWeek. This article is an

React to this headline:

Investors Make $6M Bet on Manifest for SBOM Management Technology Read More »

Entro Raises $6M to Tackle Secrets Sprawl

Funding/M&A, Supply Chain Security / SecurityTicks

Entro Raises $6M to Tackle Secrets Sprawl 17/05/2023 at 15:10 By Ryan Naraine Israeli startup Entro launches with $6 million in seed-stage funding and a product to help manage secrets sprawl in the enterprise. The post Entro Raises $6M to Tackle Secrets Sprawl appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Entro Raises $6M to Tackle Secrets Sprawl Read More »

The SBOM Bombshell

SBOM, Supply Chain Security, Vulnerabilities / SecurityTicks

The SBOM Bombshell 09/05/2023 at 15:31 By Matt Honea SBOMs can be used for managing risk and determining vulnerability impact, but it’s very hard to build holistic risk models when the data is not standardized across multiple platforms. The post The SBOM Bombshell appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

The SBOM Bombshell Read More »