NSA to developers: We’ve got some software supply chain security tips for you

The new guidance is meant to help US private and public sector organizations defend themselves against supply chain attacks, including the one Russian Foreign Intelligence Service (SVR) hackers deployed against SolarWinds and its customers. “Recent cyberattacks such as those executed against SolarWinds and its customers, and exploits that take advantage of vulnerabilities such as Log4j, highlight weaknesses within software supply chains, an issue which spans both commercial and open source software and impacts both private and government enterprises,” the NSA says in its guidance.

Link: NSA to developers: We’ve got some software supply chain security tips for you
via http://www.zdnet.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: