Tackling Software Supply Chain Security: A Toolbox for Policymakers | allinfosecnews.com

April 13, 2023, 12:01 p.m. | akuehn

Lawfare www.lawfareblog.com

Acting National Cyber Director Kemba Walden meets European Commission Vice-President Margaritis Schinas in Feb. 2023. (European Commission, https://tinyurl.com/34ekek8e; European Commission Content Reuse Law with Attribution, https://tinyurl.com/5n794tx5)

For software development platform provider CircleCI, this year began with a scramble to respond to a software supply chain compromise. CircleCI’s tens of thousands of customers use the continuous integration and delivery (CI/CD) platform for automating the building, testing, and deployment of software. A malicious actor had gained remote access to an employee’s …

access actor circleci cloud cloud infrastructure compromise continuous continuous integration credentials customer customer data customers data datadog delivery deployment development employee infrastructure integration keys laptop malicious monitoring platform private keys remote access respond security signing software software development software supply chain software supply chain security supply supply chain supply chain compromise supply chain security testing

More from www.lawfareblog.com / Lawfare

What Counterman Means for Prosecuting Trump Over Jan. 6 10 months ago | www.lawfareblog.com

colorado communication court government +4

How Big Is the Cyber Insurance Market? Can It Keep Growing? 10 months ago | www.lawfareblog.com

administration basic biden biden administration +16

A New Kill Chain Approach to Disrupting Online Threats 10 months, 1 week ago | www.lawfareblog.com

battlefield commercial companies cyber +18

Upcoming Supreme Court Case Threatens Congressional Subpoena Power 10 months, 1 week ago | www.lawfareblog.com

attorney biden capitol case +21

There is No Norm Against Prosecuting Former Presidents 10 months, 2 weeks ago | www.lawfareblog.com

argument defense editor indictment +5

Intern with Lawfare! 10 months, 2 weeks ago | www.lawfareblog.com

application applications hybrid information +12

Proposed NIST Updates and Data Incident Response Planning 10 months, 2 weeks ago | www.lawfareblog.com

controls cyberattack data data incident +28

The Dynamics of the Ukrainian IT Army’s Campaign in Russia 10 months, 2 weeks ago | www.lawfareblog.com

army bits campaign companies +24

What are the Classified Documents in the Trump Indictment? 10 months, 3 weeks ago | www.lawfareblog.com

classified department department of justice documents +9

Sr. Cloud Security Engineer

@ BLOCKCHAINS | USA - Remote

View on infosec-jobs.com

Network Security (SDWAN: Velocloud) Infrastructure Lead

@ Sopra Steria | Noida, Uttar Pradesh, India

View on infosec-jobs.com

Senior Python Engineer, Cloud Security

@ Darktrace | Cambridge

View on infosec-jobs.com

Senior Security Consultant

@ Nokia | United States

View on infosec-jobs.com

Manager, Threat Operations

@ Ivanti | United States, Remote

View on infosec-jobs.com

Lead Cybersecurity Architect - Threat Modeling | AWS Cloud Security

@ JPMorgan Chase & Co. | Columbus, OH, United States

View on infosec-jobs.com