Recent Posts from John P. Mello Jr.
March 20, 2023
Experts weigh in on a new OpenSSF SLSA framework survey — and the overall state of supply chain security practices.
March 9, 2023
Here are the key takeaways from the Colour-Blind remote access trojan, with insights from supply chain security experts.
January 4, 2023
Supply chain attacks are surging — and no one is immune. That has CISOs and boards worried. Learn from these notable 2022 software supply chain attacks.
November 23, 2022
Software supply chain attacks are on the rise because of their reach. Here are 10 valuable lessons from the recent GitHub namespace attack.
November 8, 2022
Here's why your organization should consider a SaaSBOM, as well as the essential challenges facing their implementation.
October 26, 2022
The state of CI/CD security: Upgrade your software supply chain tools to maintain velocity and security
Modern software supply chain security depends on getting your tools right, and focusing on the end-to-end software development lifecycle. Here's what you need to maintain your software development and release and stay secure.