Nsa To Developers We Ve Got Some Software Supply Chain Security Tips For You
The new guidance is meant to help US private and public sector organizations defend themselves against supply chain attacks, including the one Russian Foreign Intelligence Service (SVR) hackers deployed against SolarWinds and its customers. “Recent cyberattacks such as those executed against SolarWinds and its customers, and exploits that take advantage of vulnerabilities such as Log4j, highlight weaknesses within software supply chains, an issue which spans both commercial and open source software and impacts both private and government enterprises,” the NSA says in its guidance....