CSOonline

AI development pipeline attacks expand CISOs’ software supply chain risk

Malicious campaigns targeting code used by developers of AI applications underscore the need to develop comprehensive risk-based programs around software dependencies and components. Widespread flaws ...
Dark Reading

Log4j and the Role of SBOMs in Reducing Software Security Risk

Recent high-profile cybersecurity incidents such as the SolarWinds attack and the Apache Log4j vulnerability have exposed the threats associated with the software supply chain. These can range from ...