supply chain security
Three Mechanisms to Protect Your Git Repositories
...despite all intentions to follow best practices, they don't. When you automate enforcement of best practices, you can ensure those practices are followed ...
AI Supply Chain Security: Hugging Face Malicious ML Models
Introduction to Hugging Face Malicious ML Models Background A recent report by JFrog researchers found that some machine learning models on Hugging Face may be used to attack the user environment. These ...
GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL
Forking hell: Scrotebots clone thousands of projects, injecting malware millions of times ...
Securing The Software Delivery Pipeline With Honeytokens
Discover how honeytokens enhance security by detecting breaches in real-time across the software development lifecycle. Learn how to deploy these decoy credentials and traps effectively, bolstering defenses against cyber threats ...
Top Secrets Management Tools for 2024
Let's walk through nine of the top secrets management solutions for 2024 ...
Will 2024 Be the Year of the Software Bill of Materials? Experts Weigh In.
The post Will 2024 Be the Year of the Software Bill of Materials? Experts Weigh In. appeared first on CodeSecure ...
Uncovering thousands of unique secrets in PyPI packages
Security Researcher Tom Forbes worked with the GitGuardian team to analyze all the code committed to PyPi packages and surfaced thousands of hardcoded credentials ...
Software Supply Chain Security Solution – Supply Chain Security Control
Establishing a Software Supply Chain Asset Register An organization’s products and services are diverse and complex. By establishing a software supply chain asset register, you can have a clear understanding of the ...
Webinar Recap: Hands-on guide to Runtime Security for CI/CD Pipelines with StepSecurity
A condensed recap of our hands-on runtime security webinar from September. Get the juiciest knowledge nuggets and pointers to more ...
CISA Seeks Public Input for Supply Chain Security Improvements
CISA recently took a significant step in bolstering software supply chain security by issuing a formal request for public input ...