For today’s software organizations, security has never been more top of mind. On one side, there is the present and growing threat of being hacked by malicious actors, set out in CrowdStrike’s recent Global Threat Report. On the other, there is a wave of cybersecurity regulation from the government to mitigate such cybersecurity vulnerabilities. Software organizations feel the heat from both sides as they work to improve their security posture in ways that will also satisfy audits and achieve compliance with the new rules.
To meet these challenges, we hear a lot about the software supply chain and the importance of securing it with DevSecOps approaches and golden paths to production. Since the Biden administration’s executive order in 2021, we’ve heard a lot about software bills of materials (SBOMs), and new products, services, and vendors have sprung up to help us with them. But do DevSecOps and supply chain approaches meet our cybersecurity challenges head-on?