Gartner® Report: Innovation Insight for Application Security Posture Management (ASPM), 2023

Download Now
Platform
header mobile nav icon
Platform
warranty-badge-highlight 1
Software Supply Chain Security

dashboard-3 1
Application Security Control Plane

cloud-data-transfer 1
Code To Cloud Traceability

shield-check 1
Compliance & SBOM

Customers Company
header mobile nav icon
Company
book icon primary 200
About Us

briefcase icon primary 200
Careers

message icon primary 200
News

calendar icon primary 200
Events

Resources
header mobile nav icon
Resources
squared pencil icon primary 200
Blog

bookmark icon primary 200
Resource Library

brackets icon primary 200
Open Source

Contact Us
image of blog Gal Ofri

Gal Ofri

Showing all posts by Gal Ofri

Legit Security | In this blog series, we uncover the details of SLSA provenance which refers to the ability to trust the authenticity of artifacts.
AppSec Threats

SLSA Provenance Blog Series, Part 1: What Is Software Attestation

In this blog series, we uncover the details of SLSA provenance which refers to the ability to trust the authenticity of artifacts.

Read More
As software technology continues to evolve, it’s become more important than ever to ensure a secure software supply chain. Here are 4 types of risks every CISO should know.
CISO Best Practices

Software Supply Chain Risks: What Every CISO Needs to Know

As software technology continues to evolve, it’s become more important than ever to ensure a secure software supply chain. Here are 4 types of risks every CISO should know.

Read More
Malicious actors are poisoning your artifacts in an attempt to infect your software supply chain so that you deploy those compromised artifacts to your production servers.
Best Practices Threats

Why You Can Still Get Hacked Even After Signing Your Software Artifacts

Malicious actors are poisoning your artifacts in an attempt to infect your software supply chain so that you deploy those compromised artifacts to your production servers.

Read More
A popular vendor of Magento-Wordpress plug-ins/integrations with 200,000 downloads, has been hacked. This attack is a reminder that malicious 3rd party plug-ins for popular platforms, in this case FishPig integrations for Magento e-commerce platforms, can open the door to critical vulnerabilities.
Threats

New Software Supply Chain Attack Installs Trojans on Adobe's Magento E-Commerce Platform

A popular vendor of Magento-Wordpress plug-ins/integrations with 200,000 downloads, has been hacked. This attack is a reminder that malicious 3rd party plug-ins for popular platforms, in this case FishPig integrations for Magento e-commerce platforms, can open the door to critical vulnerabilities.

Read More
What is an #SBOM, how is it used and why it is important to software supply chain security? We explain the SBOM in 5 minutes, discuss where SBOM adoption is headed and help you think beyond SBOM to gain greater visibility and security across your entire software supply chain environment.
Explainers

What is an SBOM? SBOM explained in 5 minutes

What is an #SBOM, how is it used and why it is important to software supply chain security? We explain the SBOM in 5 minutes, discuss where SBOM adoption is headed and help you think beyond SBOM to gain greater visibility and security across your entire software supply chain environment.

Read More

Schedule a Demo

Book a demo including the option to analyze your own software supply chain.

Book a Demo