CISA issues guidance on defending against software supply chain attacks

Cybersecurity and Infrastructure Security Agency (CISA) issued guidance this week following the compromise of the SolarWinds software that affected thousands of entities across the United States and beyond. The guidance took the form of a primer for companies explaining the nature of the software supply chain and the various access points where supply chain vulnerabilities exist. It concludes with concrete recommendations for both vendors and their customers with discussion on the Secure Software Development Framework (SSDF) and Cyber Supply Chain Risk Management (C-SCRM)”]

Source: https://www.csoonline.com/article/3616123/cisa-issues-guidance-on-defending-against-software-supply-chain-attacks.html

Something Fresh

Zip Codes & PII: Are They Personal Data?

ZeroNet: 51% Attack Risks & Mitigation

Zero Knowledge Voting with Trusted Server

What People Reading

Zero-Day Vulnerabilities: User Defence Guide

Feedback and data-driven updates to Googles disclosure policy

YubiKey Security: Initial Setup with Yubi Cloud

Security Insider Interview Series: John McArthur, Senior Product Manager, IP Intelligence; and Rupert Young, Senior Director Software Engineering, Data Compilation and Identity, Neustar

Certificate Security in the Wild West

Categories

Partners

Just add here your partners image or promo text