Security News > 2022 > October > How the Software Supply Chain Security is Threatened by Hackers
Each of these "Bricks" is itself the product of a long supply chain, making the software supply chain a concept that encompasses every facet of IT: from hardware, to source code written by developers, to third-party tools and platforms, but also data storage and all the infrastructures put in place to develop, test and distribute the software.
Software supply chains have many grey areas that are not addressed by traditional security methods.
For security managers, the challenge was to maintain the velocity of DevOps while reinforcing improved security posture: including security rules from the earliest stages of the development cycle, disseminating best practices, and reducing the mean time to remediation by capturing more "Benign" flaws earlier.
Security software vendors have made great strides in this area, offering developers the opportunity to become familiar with security concepts and become self-sufficient over a wide area.
Software engineers are specialists in automation, so it really made no sense that they could not implement, or even understand, the security rules imposed on them in order to protect the supply chain.
Collaboration between the different professions working along the supply chain is now a priority for information systems security.
News URL
https://thehackernews.com/2022/10/how-software-supply-chain-security-is.html
Related news
- North Korean hackers create Flutter apps to bypass macOS security (source)
- Update your OpenWrt router! Security issue made supply chain attack possible (source)
- 390,000 WordPress accounts stolen from hackers in supply chain attack (source)
- Hackers Exploit Webview2 to Deploy CoinLurker Malware and Evade Security Detection (source)