The federal government aims to streamline its information security and supply chain security procurement policies as part of an effort to bolster cyber defenses and better safeguard federal systems. The General Services Administration, NASA and the Department of Defense – the three federal agencies responsible for maintaining the extensive set of rules governing federal acquisition […]
Section four of the “Executive Order on Improving the Nation’s Cybersecurity” introduced a lot of people in tech to the concept of a “Software Supply Chain” and securing it. If you make software and ever hope to sell it to one or more federal agencies, you have to pay attention to this. Even if you […]
A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack Reference (OSC&R) initiative, led by OX Security, evaluates software supply chain security threats, covering a wide range of attack vectors […]
Latest Comments