Sandworm Knowledge Base

Supply Chain Attack Types

Supply Chain Security
Supply chain attacks have grown to become a significant threat in software development. Malicious actors target vulnerabilities in the software supply chain to compromise applications and systems.

Software Bill of Materials (SBOM)

Supply Chain Security
In the realm of software development and cybersecurity, the term "Software Bill of Materials" or SBOM has gained significant attention and importance. An SBOM serves as a crucial component for managing, securing, and understanding software assets in various industries.

Container Security

Supply Chain Security
Container security is the practice of protecting containerized applications from potential risk using a combination of security tools and policies. Containers are a lightweight form of virtualization that allow developers to package their applications with all the dependencies they need to run in any environment. This makes them a popular choice for modern development and deployment practices.

Web Application Firewalls (WAF)

Secure Coding Practices
Web Application Firewalls (WAFs) stand as an essential defense against a wide array of cyber threats. In this article, we will delve into the world of WAFs, understanding what they are, why they matter, and how to effectively implement them to protect your web assets.

Static and Dynamic Code Analysis

Secure Coding Practices
Static and dynamic code analysis are two powerful techniques that help identify vulnerabilities, bugs, and security weaknesses early in the development process.

Secure Software Development Lifecycle (SSDLC)

Secure Coding Practices
In the realm of web application development, Secure Software Development Lifecycle (SSDLC) is a systematic and structured approach to integrating security into every phase of the software development process.

DevSecOps Practices

Supply Chain Security
DevSecOps, a fusion of "Development," "Security," and "Operations," is a set of practices that embed security into every phase of the software development lifecycle. By seamlessly integrating security measures with DevOps processes, organizations can create more secure applications while maintaining agility and speed.

SBOM Standards and Formats (e.g., CycloneDX)

The Software Bill of Materials (SBOM) is a critical component in modern software development and cybersecurity. It provides a detailed inventory of the components and dependencies that make up a software application.

Generating and Managing SBOMs

A Software Bill of Materials (SBOM) is a critical component in the realm of software development, cybersecurity, and supply chain management. It provides detailed information about the components and dependencies within a software application, making it an invaluable asset for organizations seeking to enhance transparency, security, and compliance in their software development processes.

Vulnerability Management for OSS

Open Source Risks
Open Source Software (OSS) has revolutionized the way software is developed and used, offering numerous benefits like cost savings, flexibility, and community-driven innovation. However, like any software, OSS is not immune to vulnerabilities and security risks.