Hot Topics

supply chain security

Three Mechanisms to Protect Your Git Repositories

Three Mechanisms to Protect Your Git Repositories

| | git, supply chain security
...despite all intentions to follow best practices, they don't. When you automate enforcement of best practices, you can ensure those practices are followed ...
GitGuardian Blog - Automated Secrets Detection
AI Supply Chain Security: Hugging Face Malicious ML Models

AI Supply Chain Security: Hugging Face Malicious ML Models

| | AI, Blog, supply chain security
Introduction to Hugging Face Malicious ML Models Background A recent report by JFrog researchers found that some machine learning models on Hugging Face may be used to attack the user environment. These ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
A fork, wrapped in delicious pasta

GitHub Fights Forks — Millions of Them — Huge Software Supply Chain Security FAIL

| | Apiiro, App Sec & Supply Chain Security, AppSec & Supply Chain Security, dependency confusion, dependency confusion attacks, GitHub, github application security, github bug, GitHub Exploit, GitHub repositories, GitHub Security Measures, github security scanning, GitHub Security Vulnerabilities, Open Source and Software Supply Chain Risks, open source software supply chain, open source software supply chain security, repo confusion, SB Blogwatch, secure software supply chain, software supply chain, software supply chain attack, software supply chain attacks, software supply chain automation, software supply chain hygiene, software supply chain risk, Software Supply Chain risks, software supply chain security, Software Supply Chain Security Weaknesses, supply chain, supply chain security, Supply-Chain Insecurity
Forking hell: Scrotebots clone thousands of projects, injecting malware millions of times ...
Security Boulevard
Securing The Software Delivery Pipeline With Honeytokens

Securing The Software Delivery Pipeline With Honeytokens

| | honeytokens, supply chain security
Discover how honeytokens enhance security by detecting breaches in real-time across the software development lifecycle. Learn how to deploy these decoy credentials and traps effectively, bolstering defenses against cyber threats ...
GitGuardian Blog - Automated Secrets Detection
How do you manage secrets (Credentials) in an organisation - Expert panel

Top Secrets Management Tools for 2024

| | aws secrets manager, azure key vault, Secrets Management, supply chain security
Let's walk through nine of the top secrets management solutions for 2024 ...
GitGuardian Blog - Automated Secrets Detection
OSS Japan 2023 - Keynotes - Hall B - Live from Tokyo, Japan

Will 2024 Be the Year of the Software Bill of Materials? Experts Weigh In.

| | ChiefProductOfficer, CPO, DevSecOps, SBOM, software supply chain, supply chain security, TalkSecure
The post Will 2024 Be the Year of the Software Bill of Materials? Experts Weigh In. appeared first on CodeSecure ...
TalkSecure | CodeSecure
Secrets inside packages, scanning Python PyPi for credentials with Tom Forbes

Uncovering thousands of unique secrets in PyPI packages

| | Secrets detection, Software Composition Analysis, supply chain security
Security Researcher Tom Forbes worked with the GitGuardian team to analyze all the code committed to PyPi packages and surfaced thousands of hardcoded credentials ...
GitGuardian Blog - Automated Secrets Detection
Software Supply Chain Security Solution – Supply Chain Security Control

Software Supply Chain Security Solution – Supply Chain Security Control

| | Blog, supply chain security
Establishing a Software Supply Chain Asset Register An organization’s products and services are diverse and complex. By establishing a software supply chain asset register, you can have a clear understanding of the ...
NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.
Hands-on guide to Runtime Security for CI/CD Pipelines with StepSecurity

Webinar Recap: Hands-on guide to Runtime Security for CI/CD Pipelines with StepSecurity

| | Best Practices, DevSecOps, supply chain security, Tutorials
A condensed recap of our hands-on runtime security webinar from September. Get the juiciest knowledge nuggets and pointers to more ...
GitGuardian Blog - Automated Secrets Detection
data cybersecurity software CISA ransomware cybersecurity protect data c-suite

CISA Seeks Public Input for Supply Chain Security Improvements 

| | Application Security, AppSec, cisa, software supply chain, supply chain security
CISA recently took a significant step in bolstering software supply chain security by issuing a formal request for public input ...
Security Boulevard
Load more