all InfoSec news
Tackling Software Supply Chain Security: A Toolbox for Policymakers
Lawfare www.lawfareblog.com
For software development platform provider CircleCI, this year began with a scramble to respond to a software supply chain compromise. CircleCI’s tens of thousands of customers use the continuous integration and delivery (CI/CD) platform for automating the building, testing, and deployment of software. A malicious actor had gained remote access to an employee’s …
access actor circleci cloud cloud infrastructure compromise continuous continuous integration credentials customer customer data customers data datadog delivery deployment development employee infrastructure integration keys laptop malicious monitoring platform private keys remote access respond security signing software software development software supply chain software supply chain security supply supply chain supply chain compromise supply chain security testing