Investigators probing the supply chain attack that hit SolarWinds say attackers successfully hacked the company's Microsoft Visual Studio development tools to add a backdoor into Orion network monitoring security software builds. They warn that other vendors may have been similarly subverted.
In the wake of the SolarWinds breach, NIST's Ron Ross has turned his attention to systems security engineering - and the reality that the adversaries are exploiting it to their advantage better than the defenders are. This disparity, Ross says, has to change.
In this eBook learn how organizations can achieve cyber resilience in an increasingly digitized world. Gain quick tips on how to get the board’s attention and approval on CyberSecurity investments. And finally, deep dive into how to combat cyberattacks effectively with a CyberSecurity Incident Response Program.
Based on a survey of cybersecurity and application-development professionals, this e-book examines the dynamics between development teams and cybersecurity teams regarding the deployment and management of application security solutions. Many industry verticals are represented, including manufacturing, financial...
DevOps and the CI/CD pipeline are revolutionizing application development, test, and cloud delivery, enabling developers to write the application code and define the cloud infrastructure. But this has left many cloud security teams relying on "runtime" security.
Read this guide to learn:
The four primary DevOps...