Tag: devsecops
-
Why does software development need zero trust?
Disclaimer: The following article is a blog post I wrote for Nexor, based on things I’ve been working on over the past few years. The last few weeks have continued to demonstrate the impact of a compromised software supply chain – whether that’s realised by malicious threat actors or lack of software quality control. CrowdStrike,…
-
DevSecOops: 3CX Hack – Supply Chain Attack
Very recently, 3CX, a VOIP and PBX software developer was compromised. According to their website, over 600,000 businesses globally use 3CX solutions to power voice communications in their business. Some customers include the NHS, Air France, PWC, just to give some context. Policy For Suspected Attacks My jaw hit the floor and bounced back, causing…