202302 Oct

SolarWinds CISO on Developing a More Secure Software Ecosystem After I


The idea that a single compromise could impact hundreds, even thousands, of organizations, including government agencies, became a huge source of alarm. Since the 2020 incident, believed to be perpetrated by Russian state actors, SolarWinds has been public about its plans to boost security by design across the wider software supply chain. Infosecurity Magazine: You have been working on the SolarWinds Next-Generation Build System, which aligns with NIST’s Secure Software Development Framework (SSDF). One of the areas where we really help with that supply chain model is using advanced techniques to do comparison: undertaking multiple builds and comparing them at the end, making sure that they match. We’re still going and we’ve got a great community of small and large security vendors that are helping to push the envelope in new technology and new ways to do things.

Source: Infosecurity-magazine