Definitive timeline: Federal guidance on software supply chain security
ReversingLabs Blog blog.reversinglabs.com
With major software supply chain attacks, including the SunBurst attack on SolarWinds in 2020, and the critical Log4j vulnerability, software security moved front and center for risk managers and software teams alike. These incidents, along with a string of other attacks that span the past few decades, show the problem is only getting worse as bad actors target both an increasingly complex process for building software and the software development toolchain itself.
The problem has accelerated dramatically in …