The Starbucks jobs came after a ransomware attack on a supply chain software vendor

“This is on top of all the existing vulnerabilities, misconfigurations, and resource constraints,” said Sunil Varkey, a cybersecurity expert. “Too often, appropriate and important considerations for security and privacy are sidelined in this urgency.”

Businesses should use strong security measures to audit third-party software providers, said Keith Prabhu, CEO of Confidis. He emphasized the need for strong security methods in the software development life cycle (SDLC) and effective management of the software bill of materials (SBOM).

“In today’s ‘open-source, shared-source’ world, many vulnerabilities enter software because of shared libraries provided by third parties,” Prabhu said. “Another common issue is that various software components of the code are not updated as new versions are released due to mismanagement of the SBOM.”

