The U.S. OMB recently released its latest deliverable as part of President Biden's cybersecurity executive order. Former federal CISO Grant Schneider discusses this guidance and shares best practices for agencies and organizations to improve the security of their software supply chain.
Have you noticed that there's a cultural gap between software developers and application security practitioners? This gap can challenge application security maturation within the Software Development Lifecycle (SDLC).
We'll examine how you can stimulate cultural change to mature your software development group,...
The SolarWinds supply chain compromise has raised questions over how to detect software that has been tainted during the vendor's development and build process. A concept called verified reproducible builds could help, says David Wheeler of the Linux Foundation.