Software Supply Chain Attacks: Who Owns the Risk and What Can Be Done?

With compromised credentials, attackers can take confidential data, inject malware into the codebase, make significant changes to an application’s functionality or steal code and valuable IP from repositories. As a result, some types of DevOps security, vulnerability and code scanning are being integrated into DevOps processes, yet in many organizations, secrets management remains a basic […]

With compromised credentials, attackers can take confidential data, inject malware into the codebase, make significant changes to an application’s functionality or steal code and valuable IP from repositories. As a result, some types of DevOps security, vulnerability and code scanning are being integrated into DevOps processes, yet in many organizations, secrets management remains a basic functionality that’s fragmented across individual DevOps tools, making them difficult for developers (who don’t have time to become security experts) to manage and secure. He has a wife, two kids and a small patch of land in the greater Boston area, which makes him ineligible to take the black and join the Knight’s Watch, but he’s still an experienced cybersecurity professional and developer who holds a bachelor’s degree in Computer Science and master’s degree in Management Information Systems.
Source: CloudBees