Uncategorized

At Scribe Security, we believe the future of cybersecurity hinges on securing software supply chains from the inside out. That’s why we’re proud to collaborate with the National Cybersecurity Center of Excellence (NCCoE) on its Software Supply Chain and DevOps Security Practices project. This initiative convenes public and private sector technology contributors to explore how […]

In recent years, software supply chain attacks have emerged as a significant cybersecurity threat, targeting the complex networks of relationships between organizations and their suppliers. This article delves into notable recent supply chain attacks, examining how they occurred and discussing strategies for prevention and mitigation. From breaches that compromise sensitive data to attacks that exploit […]

Imagine the next board meeting. You, a security leader in your organization, will present your standard deck with risks, mitigations, and incidents. Then, one of the board members will ask: How are you preparing to protect the new AI technologies and the MLOps pipelines that the company is already using?  Here is your answer. AI […]

The traditional approach to securing software products focuses on eliminating vulnerabilities in custom code and safeguarding applications against known risks in third-party dependencies. However, this method is inadequate and fails to address the full scope of threats posed by the software supply chain. Neglecting to secure every aspect of this chain, from production to distribution […]