Security news that informs and inspires

Archive

12 results for tag Software Security:

Ingredient List Only Part of the Recipe to Fix Supply Chain Security

The requirement for vendors to provide a software bill of materials for the apps they sell to federal agencies will only address part of the supply chain risk, experts say.

Government, Software Security, Solarwinds

Q&A: Idan Plotnik

Idan Plotnik of Apiiro Security discusses the value of a risk-based approach to software development and deployment.

Software Security

In Wake of SolarWinds Breach, the Challenge of Building Secure Software Remains

SolarWinds is testing a system of parallel build servers to help prevent a future supply chain attack on its infrastructure.

Solarwinds, Software Security

GitHub Fixes Bug That Could Have Routed Authenticated Sessions to Other Users

GitHub has patched a flaw in a backend system that in rare cases could have routed one user's authenticated session to another user's browser.

Software Security

Malicious Code Found in Package Repositories

Attackers have increasingly targeted the software supply chain by populating package managers such as RubyGems and npm with malicious code.

Software Security, Open Source