My TechDecisions

Search Results: sbom

SBOMs, Microsoft, Salus

Microsoft Open Sources Salus SBOM Tool

Microsoft is open sourcing its SBOM tool Salus to help the IT industry better understand their dependencies on the software supply chain.

July 13, 2022 Zachary Comeau Leave a Comment

Microsoft is open sourcing its software bill of materials (SBOM) tool Salus to help the technology industry and IT decisionmakers better understand the security of their tools and their dependencies on the software supply chain. SBOMs have recently been given heightened importance after several high-profile cybersecurity flaws in popular software products have led to widespread […]

Read More
electronic design, SBOM

Static SBOMs vs Dynamic SBOMs

While more organizations recognize that they need an SBOM, dynamic SBOMS are far superior than static ones.

June 6, 2022 Liran Tancman Leave a Comment

Since the federal government mandate calling for the creation of a software bill of materials (SBOM) to avoid the next SolarWinds or Log4j exposures, software providers have been scrambling to figure out how to create SBOMs that are both effective and dynamic, given that software changes over time. Bills of material have long been standard […]

Read More
SBOMs

What Needs To Be In An SBOM?

With cybercriminals increasingly leveraging the software supply chain, SBOMs are becoming an important tool. This is what they need to include.

March 15, 2022 Zachary Comeau Leave a Comment

When alleged Russian hackers compromised the SolarWinds Orion platform to spy on U.S. agencies and other high-profile entities, the tech industry renewed its call for the adoption of software bills of materials (SBOM) — an inventory of components that make up the final product. Advocates say that will help give IT and cybersecurity professionals the […]

Read More
SBOMs, Microsoft, Salus

SBOMs Will Become A Necessity In IT Ecosystem

New research suggests that a software bill of materials (SBOM) will become a critical piece of software supply chain security.

February 4, 2022 Zachary Comeau Leave a Comment

IT professionals and software developers should prepare for Software Bills of Materials (SBOMs) to become a regular part of the IT ecosystem, according to new research from the Linux Foundation. The term, while already known to IT professionals, became more popular in the wake of several software supply chain security crises, including the SolarWinds compromise, […]

Read More
Cybersecurity Trends

These Trends Will Shape Cybersecurity in 2023

The edge, networks, applications, data, biometrics, IoT and more will be this year's key cybersecurity trends, says AT&T's cyber evangelist.

January 20, 2023 Zachary Comeau Leave a Comment

Over the last few years, trends in cybersecurity have forced the responsbility of keeping networks and systems secure to shift from a handful of IT and security professionals to the entire organization. Now, cybersecuirty is becoming a significant part of any business in the digital era. Organizations are hard-pressed to do anything new or innovate […]

Read More
Log4j, Older Vulnerabilities, CISA KEV

Software Inefficiencies are Costing U.S. Economy Trillions, Study Says

Vulnerabilities, software supply chain problems and technical debt could be costing the U.S. economy $2.4 trillions, Synopsys report finds.

December 6, 2022 Zachary Comeau Leave a Comment

Software quality issues such as vulnerabilities, software supply chain problems and technical debt could be costing the U.S. economy trillions, according to a new report from electronic design automation solutions and services firm Synopsys. The Mountain View, Calif. company’s report, “The Cost of Poor Software Quality in the US,” finds that software quality issues may […]

Read More
Palo Alto Networks Prisma SASE Accenture

Palo Alto Networks Releases Software Composition Analysis in Prisma Cloud

Cybersecurity firm Palo Alto Networks is releasing a context-aware software composition analysis solution to help developers secure software.

September 20, 2022 Zachary Comeau Leave a Comment

Cybersecurity giant Palo Alto Networks is releasing a context-aware software composition analysis solution to help developers safely use open source components to help secure software supply chains. The company’s software composition analysis (SCA) solution will be integrated into its cloud-native application protection platform Prisma Cloud, which Palo Alto Networks says will help developers and security […]

Read More
Log4j, Older Vulnerabilities, CISA KEV

Modern Cyber Threats, Supply Chain Attacks Are Burning Out IT Pros, Experts Say

The constantly shifting IT landscape is breeding more cyberattacks, leading to burnout. Applying psychology concepts to the industry may help.

August 9, 2022 Zachary Comeau Leave a Comment

The software supply chain and our increasing reliance on cloud infrastructure is making protecting IT environments more challenging and leading to cybersecurity burnout among IT  professionals, according to a panel of cybersecurity experts held last week in advance of Black Hat USA this week. Attackers are increasingly leveraging the software supply chain and open-source software […]

Read More
Software Vendor Trust

How to Vet a Vendor’s Transparency and Trustworthiness

With the rise of the cloud and SaaS, organizations should demand transparency of their tech vendors. Here's how to vet their trustworthiness.

August 4, 2022 Zachary Comeau Leave a Comment

Has your organization ever found out about a technology vendor’s security incident from news reports rather than a transparent disclosure to customers from the vendor itself? If so, and that vendor has not profusely apologized for not disclosing that incident, then it may be time to cut bait with that particular provider. That is especially […]

Read More