By Arun Balakrishnan, Sr. Director Product Management Identity credentials and source code are critical assets that can create major risks for your organization when exposed by breaches of third-party cloud service companies that provide identity management and software composition analysis. …

By Shinesa Cambric, Microsoft — This article is part of a series showcasing learnings from the Secure Software Summit. With the increase of supply chain attacks on everything from logging software like Log4J to takeovers of important JavaScript packages to compromises of network utility tools like SolarWinds, more and more organizations are recognizing the need…

By Dan Lorenc, Chainguard This article is part of a series showcasing learnings from the Secure Software Summit The Open Source Software (OSS) Supply Chain is under attack. As evidenced by the recent Log4Shell vulnerability, the OSS supply chain is increasingly a focus for attackers seeking to exploit weak links…

By Chetan Conikee This article is part of a series showcasing learnings from the Secure Software Summit The connected world economy and the COVID-19 pandemic forced companies to accelerate digital transformation. Sophisticated cybercriminals have seized this forced acceleration to lay the groundwork for cyberwarfare. In reaction to recent attacks ranging…

Main Branch #25 — Main Branch is a comic strip for developers produced by James Gilbreath, Jason Green, and Vickie Li.

Shifting Security Left is a Work In Progress — What are the biggest concerns on the minds of application security and developers? As part of the inaugural Secure Software Summit event, ShiftLeft polled conference participants on a wide range of topics related to application security, supply chain security, and the current cybersecurity threat environment. The poll included responses from…

Main Branch #24 — Main Branch is a comic strip for developers produced by James Gilbreath, Jason Green, and Vickie Li.

Main Branch #23 — Main Branch is a comic strip for developers produced by James Gilbreath, Jason Green, and Vickie Li.

Malware, or code written for malicious purposes, is evolving. — Software developers face new threats from malicious code as their tools and processes have proven to be an effective and lucrative threat vector. Traditionally, software developers have protected themselves from malicious code like everyone else — by securing their devices, keeping programs updated, and following good security practices. However, recent…