Introducing New Secrets Management Capabilities For Mitigating Software Supply Chain Risk | allinfosecnews.com

March 14, 2023, 1 p.m. | jasmine.noel@reversinglabs.com (Jasmine Noel)

ReversingLabs Blog blog.reversinglabs.com

Businesses are vulnerable to software supply chain breaches when software releases leak secrets such as authentication credentials, hardcoded passwords, API tokens, and encryption keys. Look no further than the CircleCI, Toyota and CodeCov incidents.

Behind the scenes, attackers are automating secrets detection to find credentials and attack software development tech stacks and delivery pipelines. Once compromised, software supply chains leave software providers and their customers exposed to further attacks including the placement of malware, the theft of sensitive data, …

api attack attackers attacks authentication breaches businesses capabilities circleci codecov compromised credentials customers delivery detection development encryption encryption keys exposed find hardcoded incidents keys leak management passwords pipelines releases risk secrets secrets detection secrets management software software development software releases software supply chain software supply chain risk software supply chains software supply chain security stacks supply supply chain supply chain risk supply chains tech tech stacks tokens toyota vulnerable

More from blog.reversinglabs.com / ReversingLabs Blog

NSA's zero-trust maturity for AppSec: What you need to know 2 days, 21 hours ago | blog.reversinglabs.com

agency application appsec appsec & supply chain security +17

Security operations by the numbers: 30 cybersecurity stats that matter 4 days ago | blog.reversinglabs.com

cybersecurity defenses enterprise enterprise it +17

The state of AppSec: Are we getting better — or falling behind? 5 days, 1 hour ago | blog.reversinglabs.com

application application security appsec appsec & supply chain security +7

Why shareable SBOMs are essential for software security 1 week, 4 days ago | blog.reversinglabs.com

appsec & supply chain security bills building collecting +21

Will CISA's Secure by Design pledge be a catalyst for better software security? 1 week, 5 days ago | blog.reversinglabs.com

adoption agency akamai amazon +17

When it comes to threat modeling, not all threats are created equal 2 weeks, 3 days ago | blog.reversinglabs.com

appsec & supply chain security can career fix +4

CISA's new 'vulnrichment' program aims to bolster the NVD 2 weeks, 4 days ago | blog.reversinglabs.com

agency appsec & supply chain security bolster cisa +17

ReversingLabs Search Extension for Splunk Enterprise 2 weeks, 5 days ago | blog.reversinglabs.com

apis application blog command +13

What you missed at RSA Conference 2024: Key trends and takeaways 2 weeks, 5 days ago | blog.reversinglabs.com

america appsec & supply chain security artificial intelligence (ai) center +20

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia

View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)

View on infosec-jobs.com