Exploring the next steps for improving SBOM usability across the ecosystem with new data requirements and considerations for vulnerability management.
Explore the FDA's new SBOM requirements for medical devices, detailing the scope, structure, and support information needed for compliance.
Researchers from Ruhr University Bochum have uncovered Terrapin, a new SSH vulnerability (CVE-2023-48795) allowing man-in-the-middle attacks, affecting widely used SSH applications.
Explore the purpose and significance of VEX (Vulnerability Exploitability eXchange) in managing software vulnerabilities, detailing its necessity, applications, and future implications for suppliers and users.
Explore the concept of dependency confusion attacks, how they work, and strategies to prevent them from affecting software supply chains.
An overview of NIST's updated recommendations for managing cybersecurity risks across supply chains, featuring frameworks and templates for organizations.
An overview of the U.S. Senate's hearing on the Log4j vulnerability, highlighting key discussions on software security.
A detailed analysis of the Linux Foundation's SBOM report, outlining key insights into software supply chain security.
Understanding software supply chain attacks and strategies to defend against them.
Exploring the implementation of Zero Trust through Role-Based Access Control (RBAC) with FOSSA.
An overview of the Biden Administration's executive order on cybersecurity and its impact on software supply chain security.
Exploring the implications of the SolarWinds hack and methods to prevent similar software supply chain attacks, with a focus on software composition analysis.