SECURING THE SOFTWARE SUPPLY CHAIN STARTS WITH A SOFTWARE BILL OF MATERIALS (SBOM)

As readers of the AppSec Observer blog are aware, application attacks have continued unabated throughout the massive economic and social changes of the past two years. Most readers are also aware that an increasing number of cyberattacks target the software supply chain. The devastating SolarWinds attack in 2020 was followed by the supply chain attack on Colonial Pipeline that disrupted fuel supplies in the eastern U.S., the attack on Kaseya that impacted hundreds of its customers’ customers, and many more. Frequent supply chain attacks have become something of a “new normal” for those of us whose everyday work involves protecting applications.

*** This is a Security Bloggers Network syndicated blog from AppSec Observer authored by Joe Coletta. Read the original post at: https://www.contrastsecurity.com/security-influencers/securing-the-software-supply-chain-starts-with-a-software-bill-of-materials-sbom