Source |
CSO |
Identifiant |
8306331 |
Date de publication |
2023-02-01 11:00:00 (vue: 2023-02-01 20:08:28) |
Titre |
New “MITRE ATT&CK-like” framework outlines software supply chain attack TTPs |
Texte |
A new open framework seeks to outline a comprehensive and actionable way for businesses and security teams to understand attacker behaviors and techniques specifically impacting the software supply chain. The Open Software Supply Chain Attack Reference (OSC&R) initiative, led by OX Security, evaluates software supply chain security threats, covering a wide range of attack vectors including vulnerabilities in third-party libraries and components, supply chain attacks on build and deployment systems, and compromised or malicious software updates. Cybersecurity professionals among the matrix's founding consortium include representatives from GitLab as well as former leaders from Microsoft, Google Cloud, Check Point Technologies, and OWASP.To read this article in full, please click here |
Envoyé |
Oui |
Condensat |
actionable among article att&ck attack attacker attacks behaviors build businesses chain check click cloud components comprehensive compromised consortium covering cybersecurity deployment evaluates former founding framework from full gitlab google here impacting include including initiative leaders led libraries like” malicious matrix microsoft new open osc&r outline outlines owasp party please point professionals range read reference representatives security seeks software specifically supply systems teams techniques technologies third threats ttps understand updates vectors vulnerabilities way well wide “mitre |
Tags |
Guideline
|
Stories |
|
Notes |
★★★
|
Move |
|