Sigstore explained: How it helps secure the software supply chain

June 9, 2022

Read Time:36 Second

Notable incidents such as SolarWinds and Log4j have placed a focus on software supply chain security. They have also sent security teams in search of tools to ensure the integrity of software from third parties. Software use is ubiquitous, with digital platforms now accounting for 60% of GDP per the World Economic Forum (WEF). While the way we use software has and is changing the world, the methods to ensuring the integrity of software sourced from across the ecosystem is lacking. The software supply chain often lacks the use of digital signatures, and when it doesn’t it typically uses traditional digital signing techniques which can be challenging to automate and audit.

To read this article in full, please click here

Friday Squid Blogging: Squid and Efficient Solar Tech

Google Cloud: Top 5 Priorities for Cybersecurity Leaders Today

AI Vulnerability Finding

Ransomware reaches a record high, but payouts are dwindling

Cyble Urges Critical Vulnerability Fixes Affecting Industrial Systems

Reimagining Democracy

China-based SMS Phishing Triad Pivots to Banks

Google Cloud: China Achieves “Cyber Superpower” Status

Google Cloud: CISOs Demand Simplified Security Tools Amid Growing Tech Complexity