Author: George Dragoste

How Google is fighting Supply Chain Attacks!

Google has recently (as of August 31) introduced a bug bounty program dedicated to open source projects in hopes of securing its ecosystem from supply chain attacks. The program is called the Open Source Software Vulnerability Reward Program (OSS VRP), and it will pay out anywhere from $100 to $31,337. Of course, larger amounts will

New Guidance from NIST on Managing Supply Chain Risks (NIST SP 800-161r1)

The National Institute of Standards and Technology (NIST) has recently released an update on managing risks in the supply chain. This release could not have come at a better time, given the large increase in supply chain attacks. Cybersecurity supply chain risk management is a process for managing exposure to cybersecurity risks throughout the

Spring Is Here “Spring4Shell”

There is a new zero-day vulnerability that has the cybersecurity community talking. If you recall, not too long ago there was the “Log4Shell” vulnerability, which affected millions since it could be exploited in Apache Log4j2. The new vulnerability I would like to take some time to talk about goes by the name