Tag
integrity
Safeguard articles tagged "integrity" — guides, analysis, and best practices for software supply chain and application security.
3 articles
Security Guides
OWASP A08: Software and Data Integrity Failures — A Deep-Dive Guide
Software and Data Integrity Failures rank #8 in the OWASP Top 10 (2021). A deep dive into insecure deserialization, unsigned updates, SolarWinds, and real CVEs.
Jul 6, 20267 min read
Best Practices
Why Dependency Pinning Alone Is Not Enough
Pinning dependencies feels like a complete answer to supply chain risk. It is not — and the gap between pinning and real integrity matters more in 2022 than ever.
May 17, 20226 min read
DevSecOps
SLSA Framework Introduction: Securing Supply Chain Integrity
Google's SLSA framework provides a graduated model for supply chain integrity, from basic provenance to fully verified builds. Here's how it works and why it matters.
Sep 1, 20216 min read