The US government is in the process of revamping its cybersecurity policies. This includes the release of Secure Software Development Framework (SSDF) version 1.1 by the National Institute of Standards and Technology (NIST), which aims to reduce security vulnerabilities across the Software Development Life Cycle (SDLC). The document provides software vendors and acquirers with “a […]
A new software supply chain attack designed to extract data from applications and websites was found in over two dozen NPM packages.
GitGat is a set of self-contained OPA (Open Policy Agent) policies written in Rego. GitGat evaluates the security settings of your SCM account and provides you with a status report and actionable recommendations.
You cannot trust the signed products and updates of vendors, and your very own code might have already been modified or added to. What, then, can you do to really be certain you are not installing malicious files into your system?
On March 22nd, NIST released the final version of the SSDF 1.1 (Secure Software Development Framework). We’ll take a look at some of the differences between the final version and the previous draft.
NIST’s Secure Software Development Framework (SSDF) promotes transparency and tamper-resistant measures to reduce the risk of malicious intervention and exposure to vulnerabilities in the Software Development Lifecycle.