Gal Ofri

SLSA Provenance Blog Series, Part 1: What Is Software Attestation

Picture of Gal Ofri Gal Ofri : May 9, 2023 9:00:00 AM

In this blog series, we will uncover the details of SLSA provenance which refers to the ability to trust the authenticity of artifacts. SLSA (Supply chain Levels for Software Artifacts) is focused on protecting software from source through its...

AppSec Threats
Read More

Software Supply Chain Risks: What Every CISO Needs to Know

Picture of Gal Ofri Gal Ofri : Sep 22, 2022 8:45:00 AM

Today most business leaders realize that no matter what industry they operate in, their organizations are truly technology companies that serve...

CISO Best Practices
Read More

Why You Can Still Get Hacked Even After Signing Your Software Artifacts

Picture of Gal Ofri Gal Ofri : Sep 19, 2022 2:58:57 PM

Malicious actors are poisoning your artifacts in an attempt to infect your software supply chain so that you deploy those compromised (i.e.,...

Best Practices Threats
Read More

New Software Supply Chain Attack Installs Trojans on Adobe's Magento E-Commerce Platform

Picture of Gal Ofri Gal Ofri : Sep 15, 2022 2:12:43 PM

A popular vendor of Magento-Wordpress plug-ins/integrations with over 200,000 downloads, has been hacked. This recent attack is a reminder that...

Threats
Read More

What is an SBOM? SBOM explained in 5 minutes

Picture of Gal Ofri Gal Ofri : Apr 11, 2022 6:47:38 AM

SBOM stands for Software Bill Of Materials: a nested description of software artifact components and metadata. This information can also include...

Explainers
Read More

Stay Connected

 Please join our mailing list for future updates and announcements.