Interlynk v3.1.1 release makes it simpler, faster, and secure

Component Support Management continues to strengthen with:
- Bulk Update Support Status to save time in large SBOMs
- CSV Export with Support Details, including support level for parts

Source Code Integrations now include BitBucket and resilience with GitHub:
- Bitbucket Integration with support for webhooks
- Enhanced Repository Connections - Improved GitHub handling

User Management:
- User CSV Export - Export user information as CSV
- Improved Invitation Flow - Updates to user invitations flow
- Organization User Pagination - Added user list pagination

SBOM Enhancements:
- Comparison Layout Improvements - Clearer visualization of differences
- Drag and Drop Upload - Full-screen SBOM drag and drop support
- Auto-Archive for Ready Status - Automatic archiving feature when new SBOM has been processed

Vulnerability Management:
- Affected Products View - View products in the Global Vulnerability View
- Expanded View Improvements - Improvements to expanded components

Performance Optimizations:
- Improved Memory Management - Sluggish performance squished
- Enhanced Database Connections - Improve reliability of database operations

Bug Fixes: Eight bugs squashed

System Monitoring Enhancements:
- Enhanced Logging - Better system logging capabilities
- Email Security - Updated email validation for better security
- Monitoring Enhancements - Improved error monitoring and handling

Read our official release notes here - https://lnkd.in/gV2F8mCr
About us
Secure the entire software supply chain. Interlynk's #SBOM and #VEX-powered platform automates and continuously monitors first-party and vendor software supply chains and helps meet #FDA, #CRA, #GSA, and #DoD compliance obligations.
- Website: https://www.interlynk.io
- Industry: Computer and Network Security
- Company size: 11-50 employees
- Headquarters: Menlo Park, CA
- Type: Privately Held
- Specialties: SBOM, VEX, Compliance, Open Source Security, SPDX, and CycloneDX
Locations
-
Primary
US, CA, Menlo Park, 94025
Employees at Interlynk
-
Surendra Pathak
CEO @ Interlynk - Automating SBOM
-
René Naranjo
Automating Software Bill of Materials (SBOM) management, enhancing security, transparency, and compliance in the software supply chain @Interlynk
-
Sam Kavanaugh
You Can't Fake Passion
-
Vivek Kumar Sahu
open source | working on SBOMs @ Software Supply Chain Security | OSS Contributor @Kyverno, @CNCF
Updates
-
UK DSIT report on Open Source security underscores SBOM

UK's Department for Science, Innovation and Technology (DSIT) has released a report on open-source best practices and supply chain risk management. The comprehensive report finds several weaknesses in the current practices for open-source consumption and makes four recommendations, including organization-wide adoption of SBOM:
- Establish an internal OSS policy to manage the adoption of OSS components.
- Create a Software Bill of Materials (SBOM) to track OSS components and their dependencies.
- Continuously monitor the organisation’s software supply chain using a software composition analysis (SCA) tool to identify vulnerabilities and licensing issues.
- Promote active engagement with the OSS community to attract new talent, level the competitive playing field, foster innovation, improve reputation, and ensure high-quality OSS components and a sustainable OSS ecosystem.

Learn More: https://lnkd.in/gSAaAtHf
-
SBOM Compliance in NIS2, DORA, PCI DSS4, and CRA

The EU is tightening cybersecurity regulations, and SBOM plays a crucial role in meeting compliance across different frameworks:
- NIS2 – Expands cybersecurity mandates for critical sectors, emphasizing supply chain security.
- DORA – Strengthens resilience in the financial sector, requiring transparency in third-party software risks.
- CRA – Directly impacts software and hardware vendors by enforcing secure development and vulnerability management.
- PCI DSS4 – Required for safe handling of credit card payment processing.

For organizations managing software supply chain risks, SBOM is becoming essential for compliance. Which regulation affects your organization the most?

Learn more: https://lnkd.in/gD2X5ssY
-
Singapore considers SBOM for Medical Device Best Practices

Singapore's Medical Devices Cluster (MDC) has released a draft of the Best Practices Guide for Medical Device Cybersecurity for stakeholders' consultation. This draft - now in stakeholder review until May 12th - provides best practice recommendations and considerations to all medical device manufacturers and healthcare providers on general cybersecurity principles to ensure medical devices are secure throughout the Total Product Life Cycle (TPLC). The draft embraces key FDA recommendations, including:
- Total Product Life Cycle (TPLC) Framework
- Use of SBOM for compliance and incident response
- End-of-life / End-of-service management
- Transparency and communication

Learn more: https://lnkd.in/e3fPT4PV
-
Friday is SBOM Jobs Day!

Are you looking to advance your career in software supply chain security? Several leading companies hire professionals with SBOM expertise to help ensure product security and compliance with regulations like the US FDA, EU NIS2, EU DORA, US Executive Order 14028, EU Product Liability Directive (PLD), EU Cyber Resilience Act (CRA) and PCI DSS4.0. If you're passionate about securing open-source software and third-party components, these roles offer a fantastic opportunity to be at the forefront of innovation in SBOM automation and software security. Check out the open positions and take the next step in your career!
- [VistaEquityPartners] Associate Cybersecurity Engineer, Austin (TX) https://lnkd.in/gMNF3DJw
- [Credence Management Corporation] Sr. DevSecOps Engineer, McLean (VA) https://lnkd.in/gC6ztydu
- [MUFG] Senior DevSecOps Engineer, Vice President, Tempe (AZ), Jersey City (NJ), Tampa (FL) https://lnkd.in/gE_ZBR7s
- [Johnson & Johnson] Technical Fellow, Product Security - Remote US https://lnkd.in/g2j6qrkZ

Good luck, and reach out to Interlynk if you need help getting started: https://lnkd.in/gikYTtSY
-
Friday is SBOM Jobs Day!

Are you looking to advance your career in software supply chain security? Several leading companies hire professionals with SBOM expertise to help ensure product security and compliance with regulations like the US FDA, EU NIS2, EU DORA, US Executive Order 14028, EU Product Liability Directive (PLD), EU Cyber Resilience Act (CRA) and PCI DSS4.0. If you're passionate about securing open-source software and third-party components, these roles offer a fantastic opportunity to be at the forefront of innovation in SBOM automation and software security. Check out the open positions and take the next step in your career!
- [JPMorganChase] Third Party Cybersecurity Operations Associate, Plano (TX) https://lnkd.in/gGhQ8M7m
- [Bloomberg] Application Security Analyst - Remote https://lnkd.in/gMyiMuvy
- [ID.me] Threat and Vulnerability Program Lead, McLean (VA), Mountain View (CA) https://lnkd.in/gxrKb4Tr
- [Tesla] Part Life Cycle Engineer, Energy Service SBOM, Palo Alto, CA https://lnkd.in/gBkePwKN

Good luck, and reach out to Interlynk if you need help getting started: https://lnkd.in/gikYTtSY
-
OpenSSF releases OSPS Baseline

The Open Source Project Security (OSPS) Baseline is a set of security criteria that projects should meet to demonstrate a strong security posture. OSPS baseline provides the foundation for best practices in meeting global cybersecurity regulations, such as the EU Cyber Resilience Act (CRA) and the U.S. National Institute of Standards and Technology (NIST) Secure Software Development Framework (SSDF). The controls are organized by maturity level and category.
- Level 1: for any code or non-code project with any number of maintainers or users
- Level 2: for any code project that has at least 2 maintainers and a small number of consistent users
- Level 3: for any code project that has a large number of consistent users

Learn more about the OSPS Baseline current version of controls here: https://lnkd.in/gA7q5SGv
We're excited to announce the initial release of OSPS Baseline, providing a structured set of security requirements aligned with international cybersecurity frameworks, standards, and regulations, aiming to bolster the security posture of open source software projects. Read the announcement: https://lnkd.in/gTF3RWGk #OpenSourceSecurity #CyberSecurity #OSPSBaseline #SecureSoftware #SoftwareSecurity #OpenSSF Christopher Robinson, Stacey Potter, Ben Cotton, Eddie Knight, Cole Kennedy, Chris Aniszczyk, Evan Anderson, Per Beming, The Linux Foundation, Sonatype, TestifySec, Cloud Native Computing Foundation (CNCF), Stacklok, Ericsson, Kusari, OpenTelemetry
-
Interlynk protection against Software supply chain attacks
- Source modification / malicious insider: Tracking and flagging insecure/anomalous development in software supply chain
- Tools / dependencies / library takeover: Signed artifacts and pre-warm tools / components in use
- Supplier / Target: Track all suppliers and continuously monitor their security practices
- EOL / EOS: auto-detection of EOL/EOS components / parts in use

To learn more: https://lnkd.in/ga2F3g29
Software supply chains can be compromised via cyberattacks, insider threats, or other malign activities at any stage of a product lifecycle to achieve access, enable espionage, conduct sabotage, or launch follow-on attacks against other parties. See: https://lnkd.in/ejAhyFew
-
PCI DSS4 becomes effective on March 31st

Learn more about PCI DSS4: https://lnkd.in/e9RYTMH7
Learn more about the role of SBOM in meeting PCI DSS requirements: https://lnkd.in/guqfsstQ
-
Interlynk reposted this
The video of the talk at FOSDEM "Towards Quality SBOMs: the OpenChain Telco SBOM Guide" is now available. https://lnkd.in/eB5_6-rK If you want to know more about the OpenChain Telco SBOM Guide, have a look at https://lnkd.in/eM6m82cv