A lack of agreement on the definition of the software supply chain can cause security teams to focus ... out their movements—political activism, social justice, and a push-back again ...

Log4j was the bucket of cold water that woke up most developers to their software supply chain security ... was staff software engineer and lead for Google’s Open Source Security Team (GOSST).

Thus, today’s increasingly complex software supply chain requires a whole new security method ... “Reverse engineering SBOMs isn’t going to work and will defeat the purpose of them before ...

But what is a developer or security engineer actually supposed to do? There is no amount of throwing money at the problem that is going to solve this software supply chain security challenge and ...

securing the supply chain is not just about protecting your vendors — it's about safeguarding your entire business ecosystem. Malleswar Reddy Yerabolu is a senior security engineer with more ...

Darren Meyer, staff research engineer at Endor Labs, thinks another change that could help organizations improve supply chain software security is better defining what constitutes software and ...

Dan Lorenc is co-founder and CEO of Chainguard, a leading software supply chain security company. Dan has been working on and worrying about containers since 2015 as an engineer and manager at Google.

Effective tools and methodologies exist for discovering and remediating software supply chain security risks that ... technical skills with a focus on social and political matters helps ...

--(BUSINESS WIRE)--Lineaje, the full-lifecycle software supply chain security company ... and customers," said Pippin Wallace, senior security engineer at Favor Delivery. "We required a solution ...