If 2020 was the year that we became acutely aware of the consumer goods supply chain (toilet paper, anyone? Anyone?), then 2021 was the year that the software supply chain rose in our collective consciousness. In perhaps the most infamous attack of the year, thousands of customers, including several US government agencies, downloaded compromised SolarWinds updates.
Alas, SolarWinds was not alone. In fact, the weaknesses in our software supply chain were all too evident with the recent Log4j vulnerability. Log4j is a widely used open source Java logging framework, so the vulnerability has put tens of thousands of applications (ranging from data storage services to online video games) at risk.
With so much lightly maintained code running in production, the software supply chain is ripe for exploits like the Log4j vulnerability. This is an incredibly