Software supply chain exploits are exploding–How to proactively prevent threats

November 18, 2021 Alison Napolitano

Share this Article
Twitter
Email
LinkedIn

Your software supply chain is increasingly coming under attack - straining your existing cybersecurity measures to detect attacks. Can you exclusively rely on this reactive technology, such as antivirus, firewalls, etc., to keep up with the threats and breaches? We all intuitively know that the software deployed to the employee base is vulnerable and susceptible to attack, but until now there hasn’t been a way to proactively prevent these threats. Jim Routh, a former CISO and CSO at MassMutual, Aetna and CVSHealth, will discuss a risk-based management approach to proactively reduce this threat in your organization.

Log4j 2 Vulnerability – Practical Advice and What’s Next for Software Supply Chain Security

If you are a cybersecurity or DevOps professional, you have probably had a very hectic 96 hours ...

GrammaTech IronBank Container for CodeSonar and Wind River VxWorks

The IronBank (also known as the DoD Centralized Artifacts Repository) is a collection of signed con...

Most Recent Articles

Two Key New Features in CodeSonar

Software supply chain exploits are exploding–How to proactively prevent threats

Previous Article

Next Article

Most Recent Articles

CodeSonar 7.3 is available to all customers under current support and maintenance agreements and as always, GrammaTech highly recommends that users upgrade to the latest release. The...

On behalf of the entire GrammaTech CodeSonar product team, I am pleased to announce the general availability of CodeSonar 7.3. As you have an active maintenance contract, you are entitled...

Embedded software development is very close to the development platform used. Whether it’s bare metal development, commercial RTOS or embedded Linux, the tool chain is an important...

GrammaTech’s leading binary Software Composition Technology (SCA) solution, CodeSentry, provides valuable insights to open-source software (OSS) components within your software without...

Actions to Introduce Application Security in DevSecOps

Meeting Resource Demands by Extending Capabilities to the Cloud.

Software Supply Chains bring Unwanted Risk to your Business

Balancing Application Security Testing Results and Resources

Having an SBOM and software inventory aids in identifying 3rd-party vulnerabilities and risk

GrammaTech CodeSonar 7.1, our static application security testing (SAST) solution, can be deployed in both on-premises and hybrid cloud models to seamlessly integrate into existing...

GrammaTech, and T.E.N., the founder of the Information Security Executive (ISE) of the Year Awards, have recently announced a new award category, the Product Security Executive (PSE) of...

This article was originally posted on Solution Review.

Recent high-profile cybersecurity incidents such as the SolarWinds attack and the Apache Log4j vulnerability have exposed the threats associated with the software supply chain. These can...

At a time when “software supply chain attack” has become a household phrase, the recent vulnerability discovered in the Apache Log4J has delivered a wake-up call to both developers and...

We need to know what’s in the software that is supporting our business.

The World Forum for Harmonization of Vehicle Regulations (WP.29) of the United Nations Economic Commission for Europe (UNECE) is a global regulatory forum within the UNECE Inland...

In light of recent high profile software supply chain security issues such as the SolarWinds attack and the Log4j open source vulnerability, we found it important to identify and explain...

As cars become more connected and complex, the amount of software needed is staggering. With 100 million lines of code being standard for current vehicles and up to 300 million for...

Modern static application security testing (SAST) tools are typically used for two main purposes: finding bugs, and finding violations of coding standards. The primary purpose of...

The MISRA C/C++ coding guidelines were created based on concerns about the ability to safely use the C and C++ programming languages in critical automotive systems. Since its inception...