by robshippr
71 days ago
Second major supply chain compromise in a week after the axios npm attack. 40 minutes and 500k machines affected. SOC2 won't catch this. The real question is whether your CI pipeline would have flagged a dependency change that happened between your last build and the one going to prod. Most teams have no visibility into that window at all.
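
The build-to-build check raised in the comment above, as an added example that is not part of the original thread: it diffs the resolved `package-lock.json` of the last good build against the one about to ship and reports every dependency that moved. It assumes each build archives its resolved lockfile (npm lockfileVersion 2 or 3); the package names and hashes are constructed.

```javascript
// Added example: report dependencies that changed between two builds.
// Assumes npm lockfileVersion 2 or 3 (a top-level "packages" map).

function lockedPackages(lock) {
  const out = new Map();
  for (const [path, meta] of Object.entries(lock.packages || {})) {
    if (path === "") continue; // "" is the root project, not a dependency
    out.set(path, { version: meta.version, integrity: meta.integrity });
  }
  return out;
}

function diffLockfiles(prevLock, nextLock) {
  const prev = lockedPackages(prevLock);
  const next = lockedPackages(nextLock);
  const findings = [];
  for (const [path, now] of next) {
    const before = prev.get(path);
    if (!before) {
      findings.push({ path, kind: "added", to: now.version });
    } else if (before.version !== now.version) {
      findings.push({ path, kind: "version-changed", from: before.version, to: now.version });
    } else if (before.integrity !== now.integrity) {
      // Same version, different content hash: the published artifact changed.
      findings.push({ path, kind: "integrity-changed", version: now.version });
    }
  }
  for (const [path, before] of prev) {
    if (!next.has(path)) findings.push({ path, kind: "removed", from: before.version });
  }
  return findings.sort((a, b) => a.path.localeCompare(b.path));
}

// Constructed sample lockfiles (package names and hashes are made up).
const lastBuild = { lockfileVersion: 3, packages: {
  "": { name: "app", version: "1.0.0" },
  "node_modules/example-http": { version: "1.4.0", integrity: "sha512-constructedAAA" },
  "node_modules/example-util": { version: "2.0.1", integrity: "sha512-constructedBBB" },
} };
const prodBuild = { lockfileVersion: 3, packages: {
  "": { name: "app", version: "1.0.0" },
  "node_modules/example-http": { version: "1.4.1", integrity: "sha512-constructedCCC" },
  "node_modules/example-util": { version: "2.0.1", integrity: "sha512-constructedDDD" },
  "node_modules/example-postinstall": { version: "0.0.1", integrity: "sha512-constructedEEE" },
} };

const findings = diffLockfiles(lastBuild, prodBuild);
for (const f of findings) console.log(JSON.stringify(f));
```

A CI gate built on this would fail the build whenever the list is non-empty and the changes have not been reviewed.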
Cybersecurity professionals and their certification treadmill crack me up because of this.
They get paid less, require more certifications to be marketable, all to simply show actual “computer wizards” where all the blind spots are.