2 Posts, 384 Following, 320 Followers · Maker, breaker and fixer of software. Adventures in #appsec and #agile: beny23.github.io he/him| Infosec Exchange
In this post, I am going to look at an increasingly important part of securing applications: Your supply chain. This includes every library, tool or service that you are using to build, run and monitor your service. When the log4shell vulnerability hit, it wasn’t just a matter of looking at the dependencies that your source code pulls in, but also at the infrastructure you’re using and the build pipeline. Have you had a look at the vulnerability reports of your dependencies lately?| beny23.github.io