Developing a Plan to Respond to Critical CVEs in Open Source Software

June 7, 2024 at 10:09AM

The tech industry faced wake-up calls in 2020 and 2021 with incidents like SolarWinds, Log4j, and Kaseya’s VSA, emphasizing the critical need to refine response strategies to vulnerabilities and supply chain attacks. Both large and small organizations must prioritize comprehensive asset inventories and software bills of materials to effectively respond …

CISO Corner: Evil SBOMs; Zero-Trust Pioneer Slams Cloud Security; MITRE’s Ivanti Issue

April 26, 2024 at 03:50PM

CISO Corner is Dark Reading’s weekly digest for security leaders. This issue covers topics like cloud security truths, MITRE ATT&CK’s breach, OWASP’s LLM Top 10, SBOMs’ vulnerability census, cybersecurity pros’ licensure laws, J&J spin-off CISO’s security program, and suggestions for post-SolarWinds SEC disclosures. The articles provide insight and advice for …

Cyberattack Gold: SBOMs Offer an Easy Census of Vulnerable Software

April 26, 2024 at 12:37PM

Government and security-sensitive firms are requiring software bills of materials (SBOMs), listing components of applications. Attackers could exploit this information without sending packets. Larry Pesce warns that publicly accessible SBOMs can expose vulnerabilities. Yet, SBOMs aim to enhance software security, with 60% adoption expected by next year. Pesce advises using …