Cyber Risk

Cyber RiskCache Poisoning
Barak Brudo GitHub Cache Poisoning

Do you know what happens under the hood of your CI? Without deep understanding, you might be vulnerable to innovative supply chain attacks. This article describes such an attack.

Read more
Cyber RiskContinuous Assurance & Software Supply Chain Security | Scribe Security
Doron Peri Continuous Assurance: An Integral Practice for Software Supply Chain Security

Continuous Assurance granularly collects evidence about all events in the development life cycle including the product build, and deployment that might affect the eventual software product’s security.

Read more
Cyber RiskWhat is NIST SP 800-218 Cybersecurity Framework? | Scribe Security
Barak Brudo NIST SP 800-218 – What Is This Framework and How To Utilize It

NIST’s Secure Software Development Framework (SSDF) promotes transparency and tamper-resistant measures to reduce the risk of malicious intervention and exposure to vulnerabilities in the Software Development Lifecycle.

Read more
1 4 5 6
Popular Posts
How Scribe Security’s Policy-as-Code Guardrails Curb SDLC Risks Introduced by All Types of DevelopersCollaborating with NCCoE to Strengthen Software Supply Chain and DevOps SecuritySDLC, Supply Chain Security and Compliance Beyond GitHubUnderstanding and Meeting the New Federal Software Security EO 14144: A Practical Guide
Categories