software-supply-chain-security
Safeguard articles tagged "software-supply-chain-security" — guides, analysis, and best practices for software supply chain and application security.
494 articles
Software supply chain security for medical devices
How FDA premarket cybersecurity rules, medical device SBOMs, and firmware vulnerabilities like Ripple20 and SweynTooth are reshaping supply chain security for connected medical devices.
Securing electronic health record (EHR) software supply c...
How the Change Healthcare breach, weak EHR vendor risk management, and exposed HL7 FHIR APIs turned healthcare's software supply chain into its biggest security gap.
How to conduct a software supply chain risk assessment fo...
A step-by-step guide for insurance carriers to assess software supply chain risk in vendor portfolios, from SBOM collection to continuous monitoring.
Software supply chain security for connected and autonomo...
Modern cars run 100M+ lines of code across 150 ECUs from untracked suppliers. Here's why connected vehicle software supply chain security now demands real SBOMs, not compliance checkboxes.
CMMC 2.0 software supply chain security requirements for ...
CMMC 2.0 now folds SBOMs, third-party component risk, and build-pipeline integrity into defense contractor assessments. Here's what's required, when, and how to prove it.
SBOM requirements under DoD software supply chain risk ma...
A practical breakdown of DoD SBOM requirements — where they came from, how Software Fast Track enforces them, and what happens when contractors can't produce one.
Securing avionics software supply chains under DO-178C
DO-178C verifies that avionics code behaves correctly — but says almost nothing about where its components came from. Here's the supply chain gap and how to close it.
Counterfeit and untrusted component risk in defense softw...
Counterfeit component risk defense software teams face across hardware and code, from gray-market parts to unverified builds, and how illumination catches it.
Software supply chain security for telecom network infras...
Why telecom network software supply chain security demands continuous SBOMs and vendor risk oversight — from 5G base stations to core networks — and how carriers are closing the gap.
5G network function virtualization (NFV) and Open RAN sof...
5G networks now run on open-source-heavy virtualized and Open RAN software stacks. Here's where the real supply chain risk hides, and how to manage it.
Software supply chain security for e-commerce platforms
Real breaches show how plugins, vendor scripts, and headless stacks put online stores at risk — and how to detect supply chain attacks before customers do.
Software supply chain security for critical energy infras...
From Ukraine's 2015 blackout to Volt Typhoon's grid intrusions, attackers exploit trusted vendor software. Here's what utilities need to know about supply chain risk.