Key takeaways from the latest DoD Enterprise DevSecOps Fundamentals update

As the cybersecurity landscape changes and threats evolve, the Department of Defense (DoD) has updated its Enterprise DevSecOps Fundamentals to further align development practices with security imperatives. This is part of a ...
Army Not Ready for February SBOM Deadline

Interview with government IT “Reformer” John Weiler. By Deb Radcliff, editor of TalkSecure, sponsored by CodeSecure and syndicated at Security Boulevard & YouTube. Starting in February 2025, the U.S. Army will require software bills of ...
Gain visibility and traceability of your software supply chain with SBOMs with new Gartner® report

When you better understand the complexities of your software, you take a foundational step toward enhancing security and managing risks in your software supply chain ...
Securing your software supply chain with CISA's new SBOM guidance

With new and increasing cyber threats abounding, navigating global software regulations and staying informed and compliant can seem like an unending task. To help mitigate risks within the software applications organizations use ...
EU CRA: Good Intentions, Impossible Requirements

As the European Union’s Cyber Resilience Act (EU CRA) prepares to publish a final draft, product manufacturers with any “digital” component must comply three years after final publication. If passed, the EU ...
ADDO session: The state of SBOM, what's coming in standards and regulations

In 2021, the Log4j vulnerability catalyzed the industry to take action to boost the security of open source components. The development community is leading this movement, but governments are also taking notice ...
Simplifying SBOM compliance with Sonatype under India's cybersecurity framework

The Indian Securities and Exchange Board (SEBI) recently took a significant step to enhance software security by incorporating software bill of materials (SBOM) mandates under its Cybersecurity and Cyber Resilience Framework (CSCRF) ...
Patrick Garrity - BTS #38

BTS #38 – The Role of SBOMs in Modern Cybersecurity – Patrick Garrity

In this episode of Below the Surface, host Paul Asadoorian and guest Patrick Garrity discuss the complexities of vulnerability tracking and prioritization. They explore various sources of vulnerability data, the significance of ...
SBOM-a-Rama Fall 2024: Sonatype's top 5 takeaways

This month's SBOM-a-Rama Fall 2024 event, hosted by the Cybersecurity and Infrastructure Security Agency (CISA), marked a milestone in the ongoing evolution of software bill of materials (SBOM) adoption ...
A proactive defense: Utilize SBOMs and continuous monitoring

Navigating the complexities of software supply chain security demands proactive measures to identify and manage vulnerabilities and compliance issues effectively ...