How To Address Digital Supply Chain Vulnerabilities

Most organizations do everything they can to manage third-party risks associated with their vendors, agents, resellers and...

Coming to Security Mandate Near You: SBOMs

The recent executive order will expand what companies must disclose to the government when a data breach occurs. Like the...

A Practical Approach to Shifting Security Left

There are two important considerations when adding security to an existing DevOps pipeline. The first is security in code,...

What the Building In Security Maturity Model (BSIMM) Says About the Role of SAST and SCA

The BSIMM is an annual study of the real-world software security initiatives – “SSIs” in the report - across the software...