2023 culminated with an intensified wave of attacks on the software supply chain. Here are just a few that our Software Supply Chain Research Team helped expose in the month of December alone:

Checkmarx is a cybersecurity company specializing in static application security testing (SAST), software composition analysis (SCA), and other application security solutions. Through their blog, they offer insights, best practices, and news related to application security, vulnerability management, and secure software development lifecycle (SDLC). Developers and security professionals can learn about emerging threats, industry trends, and strategies for improving application security posture.

Checkmarx

2023 saw an intensified wave of attacks on the software supply chain. Attackers used diverse tactics and deceptive maneuvers, emphasizing the need for advanced approaches. The NSA released recommended practices for securing the software supply chain. Checkmarx offers end-to-end software supply chain security, secrets detection, automated SBOM generation, security scorecard engine, malware detection, and container security.

Checkmarx’ Approach to Software Supply Chain Security