Barak Brudo / February 27, 2022 Continuous Assurance and Software Supply Chain Security

In this article, we examine the role of Continuous Assurance (CA) in meeting the requirements set by the US National Institute of Standards and Technology and its implementation in your SDLC. First, we take a broad look at Continuous Assurance, why it is needed, and how it works. Then, we provide some examples and recommendations for collecting evidence and explore how this evidence can be used to verify the security of your products.

Barak Brudo / January 25, 2022 NIST SP 800-218 – Overview, Impact, and Compliance

NIST SP 800-218 represents a watershed moment for every organization that supplies software and software services to the United States government. Under these guidelines, suppliers are required to implement secure software development practices throughout the Software Development Life Cycle (SDLC), with the goal of reducing security vulnerabilities and malicious interventions.
