I thought this commentary from Neatsun Ziv of Ox Security was interesting and well done - it's a straight-up appsec piece, which I don't get a lot of. He describes the OSC&R framework for software supply chain security and pulls out 3 lessons from the framework team's first report. #DarkReading #AppSec #OSCAR #OSC@R #softwareSupplyChain #journalism #commentary https://www.darkreading.com/application-security/lessons-from-osc-r-on-protecting-the-software-supply-chain
Lessons From OSC&R on Protecting the Software Supply Chain
A new report from Open Software Supply Chain Attack Reference (OSC&R) provides a framework to reduce how much vulnerable software reaches production.
Neatsun Ziv (Dark Reading)