incident-analysis
Safeguard articles tagged "incident-analysis" — guides, analysis, and best practices for software supply chain and application security.
52 articles
Dropbox 2022: The Supply Chain Angle
Dropbox's 2022 GitHub phishing incident began with a developer-targeted CircleCI lookalike campaign; the supply chain lessons centered on CI tokens and code.
Cisco Duo Incident: Supply Chain Depth
Cisco Duo's 2024 disclosure about a telephony provider breach exposed SMS and voice MFA logs; the supply chain depth of authentication vendors is the story.
Twilio 2022 Incidents: Supply Chain Lessons
Twilio disclosed two social engineering incidents in 2022 that cascaded through its customer base; the supply chain lessons remain relevant for any B2B vendor.
Lessons from SolarWinds: Two Years Later
Two years after the SolarWinds breach reshaped cybersecurity, we examine what the industry actually learned and what organizations still get wrong about supply chain security.