all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Definitive timeline: Federal guidance on software supply chain security

Add to bookmarks
Feb. 7, 2024, 1 p.m. | carolynn.vanarsdale@reversinglabs.com (Carolynn van Arsdale)

ReversingLabs Blog blog.reversinglabs.com




With major software supply chain attacks including the SunBurst attack on SolarWinds in 2020 and the critical vulnerability Log4j, software security moved front and center for risk managers and software teams alike. These incidents, along with a string of other attacks that span the past few decades, show the problem is only getting worse as bad actors target an increasingly complex process for building software — and the software development toolchain itself.

The problem has accelerated dramatically in …

appsec & supply chain security attack attacks center critical critical vulnerability federal guidance incidents log4j major managers problem risk risk managers security software software security software supply chain software supply chain attacks software supply chain security solarwinds span sunburst supply supply chain supply chain attacks supply chain security teams timeline vulnerability

Visit resource

More from blog.reversinglabs.com / ReversingLabs Blog

Verizon 2024 DBIR: Software supply chain risks fuel a data breach epidemic an hour ago | blog.reversinglabs.com
alarm appsec & supply chain security breach breaches +25
What’s hot at RSAC 2024: 8 SSCS talks you don’t want to miss 1 day ago | blog.reversinglabs.com
appsec & supply chain security cisos development don +16
How SOC analysts and threat hunters can expose malware undetected by EDR 2 days, 1 hour ago | blog.reversinglabs.com
analysts can corporate don +16
Introducing the Unified RL Spectra Suite 2 days, 1 hour ago | blog.reversinglabs.com
always on appsec & supply chain security change criminals +15
Announcing the General Availability of Spectra Detect v5.0: Enhancing File Analysis for Advanced Threat Detection 2 days, 1 hour ago | blog.reversinglabs.com
advanced advanced threat advanced threat detection analysis +23
Announcing the General Availability of TitaniumScale v5.0: Enhancing File Analysis for Advanced Threat Detection 6 days, 4 hours ago | blog.reversinglabs.com
advanced advanced threat advanced threat detection analysis +23
How NIST CSF 2.0 and C-SCRM help manage software supply chain risk 1 week ago | blog.reversinglabs.com
appsec & supply chain security businesses critical critical infrastructure +29
What’s hot at RSAC 2024: 7 must-see talks for security operations teams 1 week, 1 day ago | blog.reversinglabs.com
conference filter flood francisco +21
NVD delays highlight vulnerability management woes: Put malware first 1 week, 2 days ago | blog.reversinglabs.com
appsec & supply chain security attention change current +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Principal Business Value Consultant

@ Palo Alto Networks | Chicago, IL, United States
View on infosec-jobs.com

Cybersecurity Specialist, Sr. (Container Hardening)

@ Rackner | San Antonio, TX
View on infosec-jobs.com

Penetration Testing Engineer- Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com

Internal Audit- Compliance & Legal Audit-Dallas-Associate

@ Goldman Sachs | Dallas, Texas, United States
View on infosec-jobs.com

Threat Responder

@ Deepwatch | Remote
View on infosec-jobs.com
View more jobs