Tag: SBoM
Chainguard Adds Private Edition of Code Signing Platform
Chainguard today added a private preview of a Chainguard Enforce Signing service, enabled by the open source Sigstore project, that allows developers to generate digital signatures for software artifacts using identities and ...
Codenotary Automates SBOM Creation
Mike Vizard | | Codenotary, devsecops, SBoM, software bill of materials, Software Supply Chain SecurityCodenotary today launched a tool that enables an application to automatically generate a software bill of materials (SBOM) by adding a single line to its source code. Codenotary CEO Moshe Bar said ...
Making SBOMs Actionable
A software bill of materials (SBOM) is a list of all the software components found in a given codebase or used in a given software build. Great. So, now what? Why do ...
Fear of the Unknown
Don Macvittie | | cloud instance cleanup, inventory, SBoM, software bill of materials, software inventoryWe IT folks are pretty fearless. Because it is newer technology, and change in IT is easier than in areas like heavy manufacturing, we are regularly thrown new tools, products and methodologies ...
SCA, SBOMs and Floodgates
Don Macvittie | | open-source components, SBoM, SCA, software bill of materials, software composition analysisTwo criteria are used to determine pervasiveness of a new idea. Availability of an easy-to-understand solution and customer need. Given both of these items, what might be a market-differentiating feature available in ...
DevOps World 2022: Using SBOMs to Secure the Software Supply Chain
As supply chain attacks become increasingly prevalent, visibility is emerging as a necessity in cybersecurity. One way to improve visibility and secure your software supply chain is with a software bill of ...
SBOMs 101: What You Need to Know
Recent security incidents have the industry buzzing about the lack of knowledge about code dependencies, attacks on the software supply chain, software bills of materials (SBOM), digital signatures, provenance, attestation and the ...
The Age of Software Supply Chain Disruption
The software supply chain is swiftly becoming a widespread attack vector, and securing it is now in the spotlight. Software supply chain attacks have become a given in 2022, reports Darktrace. SolarWinds, ...
Survey Surfaces Raft of Application Security Issues
Mike Vizard | | devsecops, ReversingLabs, SBoM, Software Supply Chain, Software Supply Chain SecurityA global survey from ReversingLabs found 87% of respondents agreed that software tampering has become a more frequently-used cybersecurity attack, but only 37% said they have any means to detect it. The ...
WhiteSource Offers Free Spring4Shell Vulnerability Tool
WhiteSource has launched a free command-line interface (CLI) tool that detects vulnerable open source Spring4Shell vulnerabilities (CVE-2022-22965) that are impacting Java applications built using the Spring development framework. Susan St. Clair, director ...
GitLab Allies With Rezilion to Add Workload Analysis Tool
Rezilion has integrated its workload analysis tool with the continuous integration (CI) framework provided by GitLab. The move is part of an effort to make it simpler for developers to discover issues ...
Secure Software Summit: Behold the SBOM
With supply chain security becoming more of a focus, the SBOM is now viewed as a critical element in shoring up supply chain security. SBOM stands for software bill of materials. At ...
