develop.secure.software | Practical knowledge for dev and release teams

Software Supply Chain Security

Software supply chain security top of mind for dev teams — but detection lags

Carolynn van Arsdale

A survey of more than 300 software professionals found the threat of supply chain attacks looms large—but efforts to...

Software Supply Chain Security

Software supply chain alert: ‘7 million’ cleartext access tokens in Travis CI logs

Richi Jennings

Travis CI cleartext logs are trivially easy to access—all 770 million of them. And researchers have found lots of...

Software Supply Chain Security

A (partial) history of software supply chain attacks

Paul Roberts

SolarWinds put software supply chain hacks on the radar. But attacks aren’t new. In fact, they’re much older than you...

Software Security

5 CI/CD breaches analyzed: Why you need to update your software security approach

Carolynn van Arsdale

Omer Gil and Daniel Krivelevich outlined the top 10 CI/CD security risks at RSA Conference, analyzing five recent...

Software Supply Chain Security

MITRE’s System of Trust: A proposed standard for software supply chain security

Paul Roberts

MITRE’s System of Trust framework is aiming to standardize how software supply chain security is assessed. MITRE's...

Threat Research

Go below the surface on tampering: The trouble with software integrity validation

Karlo Zanki

The growing number of software supply chain attacks is putting pressure on validation of software integrity

Software Supply Chain Security

Why you need to prioritize development and software supply chain security

ReversingLabs

Enterprise software development graduated from the “waterfall” framework of development and operations

Software Supply Chain Security

How to detect software supply chain attacks

ReversingLabs

There are many reasons software supply chain attacks are attractive to cyber criminals

Software Supply Chain Security

How existing cybersecurity frameworks can curb software supply chain attacks

ReversingLabs

Implement processes and controls to disrupt attackers

Software Supply Chain Security

What are software supply chain attacks? How to protect your software lifecycle

ReversingLabs

Software supply chains are important new challenge to manage as businesses the world over undergo massive digital...

Software Supply Chain Security

Software supply chain security top of mind for dev teams — but detection lags

Carolynn van Arsdale

A survey of more than 300 software professionals found the threat of supply chain attacks looms large—but efforts to...

Software Supply Chain Security

Software supply chain alert: ‘7 million’ cleartext access tokens in Travis CI logs

Richi Jennings

Travis CI cleartext logs are trivially easy to access—all 770 million of them. And researchers have found lots of...

Software Supply Chain Security

A (partial) history of software supply chain attacks

Paul Roberts

SolarWinds put software supply chain hacks on the radar. But attacks aren’t new. In fact, they’re much older than you...

Software Security

5 CI/CD breaches analyzed: Why you need to update your software security approach

Carolynn van Arsdale

Omer Gil and Daniel Krivelevich outlined the top 10 CI/CD security risks at RSA Conference, analyzing five recent...

Software Supply Chain Security

MITRE’s System of Trust: A proposed standard for software supply chain security

Paul Roberts

MITRE’s System of Trust framework is aiming to standardize how software supply chain security is assessed. MITRE's...

Threat Research

Go below the surface on tampering: The trouble with software integrity validation

Karlo Zanki

The growing number of software supply chain attacks is putting pressure on validation of software integrity

Software Supply Chain Security

Why you need to prioritize development and software supply chain security

ReversingLabs

Enterprise software development graduated from the “waterfall” framework of development and operations

Software Supply Chain Security

How to detect software supply chain attacks

ReversingLabs

There are many reasons software supply chain attacks are attractive to cyber criminals

Software Supply Chain Security

How existing cybersecurity frameworks can curb software supply chain attacks

ReversingLabs

Implement processes and controls to disrupt attackers

Software Supply Chain Security

What are software supply chain attacks? How to protect your software lifecycle

ReversingLabs

Software supply chains are important new challenge to manage as businesses the world over undergo massive digital...