Focuses on securing the software development and distribution pipeline from code repositories to deployment. Addresses risks such as dependency hijacking, compromised build environments, and malicious code injection in trusted software packages.
posts
A Trusted Software Update Became the Biggest Backdoor in History In December 2020, FireEye disclosed that threat actors had compromised SolarWinds Orion — a network monitoring platform used by 33,000 organizations, including multiple U.S. federal agencies. The attackers embedded malicious code into a routine software update. Every organization that
In December 2020, security firm FireEye disclosed that threat actors had compromised SolarWinds' Orion software platform — and with it, roughly 18,000 organizations that installed a poisoned update. Government agencies, Fortune 500 companies, and critical infrastructure operators all got hit through a single trusted vendor. That's the
