4/6/23: #SupplyChainIntegrity Month & SBOMs
This week's Security Synopsis will feature resources on how to secure your software supply chain in addition to the weekly snapshot!
April is Software Supply Chain Integrity Month
In partnership with other government agencies, the Cybersecurity and Infrastructure Security Agency has released “Supply Chain Risk Management (SCRM) – The Recipe for Resilience” for the month of April. You can find all the topics discussed and other resources on their webpage.
Find us at KubeCon EU at Booth SU64 or the RSA Conference in SF this month!
Learn all about software supply chain security
We’re building out Chainguard Academy, where you can learn how to make your software supply chain secure by default with tutorials using Wolfi, sigstore, Enforce & more! Here's what's new:
Malicious campaigns overwhelm open-source ecosystems
A spam campaign was caught flooding NPM with bad packages, which caused the registry service to be sporadically unavailable. "It was especially concerning that this attack affected the stability of NPM, particularly because NPM is a critical component for modern software developers," Tzachi Zornstain, head of CxDustico at Checkmarx, told SC Media.
Snyk levels up to keep supply chains secure
Cybersecurity application provider Snyk has added fresh capabilities to its flagship developer security platform to improve programming productivity and help secure software supply chains.
PS: Did you play with our April Fool's project: GitCommitted?