The industry is collectively aware of the importance of supply chain security. Recent events include a sharp increase in software supply chain attacks, a catastrophic severity and breadth Log4j vulnerability, and even an Executive Order on Cybersecurity.In light of this, Google is looking for contributors to the GUAC open source project (pronounced like the dip).… Continue reading Google Announcing GUAC, a great pairing with SLSA (and SBOM)!
Tag: SBOM
Best Cloud SaaS Governance Practices from the CSA Cloud Security Alliance
IntroductionInfrastructure as Service security is almost always the focus when discussing cloud security. platforms as a service (PaaS) and infrastructure as a service (IaaS). In spite of the fact that Organizations typically use 2-3 IaaS providers and frequently use tens to hundreds of SaaS products. A standard set of guidelines called the SaaS Governance Best… Continue reading Best Cloud SaaS Governance Practices from the CSA Cloud Security Alliance