Cloud Security

Veracode updates security platform with SBOM support

Veracode has announced that its cloud native application security testing platform has received a number of new features, including support for Software Bill of Materials through a new application programming interface, The New Stack reports. With the update, users may generate an SBOM in CycloneDX JSON format through Veracode's new SBOM API, letting developers verify whether the code they are using is free of vulnerabilities. The Veracode SBOM API was introduced to make it easier to provide visibility when using third-party components. By taking manual inventory steps out of software composition analysis, resources and time can be dedicated to quicker update and vulnerability response instead, said Veracode Chief Technology officer and co-founderChris Wysopal. The upgrade comes as software vendors are integrating SBOM generation tools into their offerings, in response to the May 2021 executive order issued by the federal government that highlighted the important role of a Software Bill of Materials in ensuring the integrity of the software supply chain.

Related

LockBit-leaked DC city agency data from third party

Washington, D.C.'s Department of Insurance, Securities and Banking has disclosed that 800GB of data claimed to have been stolen by the LockBit ransomware operation was obtained from an attack against third-party software provider Tyler Technologies following the ransomware gang's threats to expose 1GB of the exfiltrated data to coerce the agency into providing the demanded ransom, reports The Record, a news site by cybersecurity firm Recorded Future.

Related Events

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.