Blog

5 Reasons AI and ML are the Future of DevSecOps

As the tech industry continues to gather lessons learned from the SolarWinds and now Codecov breaches, it’s safe to say that artificial intelligence and machine learning are going to play a role in the future of DevSecOps. Enterprises are already experimenting with AI and ML with the hopes of reaping future security and developer productivity …

2 SBOM & Software Supply Chain Security News Items to Watch

2 SBOM & Supply Chain Security News Items to Watch

We aren’t about to stop hearing about the need for a software bill of materials (SBOM) and software supply chain security anytime soon. You can expect more news about a Presidential executive order about SBOMs and a new software supply chain breach at Codecov that we’re all still learning more about. Impending Executive Order about …

Continuous ATO: The Realities and the Myths

Continuous Authority to Operate: The Realities and the Myths

The Continuous Authority to Operate (cATO), sometimes known as the Rapid ATO, is becoming necessary as the DoD and civilian agencies are putting more applications and data in the cloud. Speed and agility are becoming increasingly critical to the mission as the government seeks new features and functionalities to support the warfighter and other critical US …

Software Supply Chain Security: Now is the Time to Act

It’s time to make evaluating and mitigating software supply chain security risks top of mind as government agencies, corporations, industry analysts, and security firms try to chart a course forward for supply chain security after the SolarWinds hack. Security Challenges: Here are some software supply chain security challenges you should keep at top …

The SBOM + Threat Intelligence are the Future of Software Supply Chain Security

As organizations open up the software bill of materials (SBOM) to their security teams, the future of the SBOM as source data for threat intelligence is becoming abundantly clear. Applying intelligence to SBOM data is a natural step in a world where DevOps and DevSecOps teams use a range of tools and technologies …

Plugging an SBOM into your DevSecOps Process

The software bill of materials (SBOM) is gaining renewed attention and notoriety post-SolarWinds. More companies and government agencies seek deeper transparency into the software components entering their software supply chain. While there are critics out there who believe that the SBOM is a misguided concept for DevSecOps, the continuing evolution of DevSecOps, much less the …

The Software Bill of Materials (SBOM) through an Open Source Lens

The software bill of materials (SBOM) and the open source software (OSS) communities have long had close ties because of their community governance models and strategies. However, OSS projects often don’t ship with SBOMs. 90% of enterprise IT leaders are using enterprise open source today, according to Red Hat’s The State of Enterprise Open Source …

Getting to Know and Love Your Software Bill of Materials (SBOM)

The role of the SBOM in software development and software supply chain security is gaining renewed attention in the aftermath of the SolarWinds Compromise. Here’s an overview of the SBOM, the standards that govern it, and the evolving role it’s playing in software supply chain security. What Is an SBOM? A software bill of materials …
