Teri Radichel


Assessing Supply Chain Geopolitical Risk
ACM.179 Where does the company in your supply chain build, test, and sell their products?
https://readmedium.com/assessing-supply-chain-geopolitical-risk-c1a74384660d

Understanding the Risk Associated with Open-Source Code
Before you can resolve the problems with open-source code, you need to understand the risks
https://readmedium.com/understanding-the-risk-associated-with-open-source-code-4cb798d510bb

Solar Winds Breach
Articles by Teri Radichel on the Solar Winds Breach
https://readmedium.com/solar-winds-breach-eae3ca6773d

Considering Where to Buy Network Devices
Have you thought about the path your devices take to get to you?
https://readmedium.com/considering-where-to-buy-network-devices-204024e9ab90

Evaluating Printer Security Features
Limiting attack vectors and blast radius of a printer compromise
https://readmedium.com/evaluating-printer-security-features-705449d00d13

Components of a Static Web Site on AWS
ACM.227 Route 53, TLS, S3, API Gateway, CloudFront, WAF, and triggering Lambda Functions
https://readmedium.com/components-for-a-static-web-site-on-aws-8ed895a8cf0f

Supply Chain Security

Stories on preventing supply chain attacks by Teri Radichel


These are a few stories I’ve written about trying to secure the supply chain. Attackers have been known to leverage vendor systems, deployment systems, third-party contractors, and open source software to get into organization systems and data. There are also geo-political forces at work with objectives such as corporate espionage or breaches of national security. These stories attempt to address some of those issues.

Software integrity and Software Bill of Materials (SBOM) are challenging topics and I hope to write about them more in the future.

This sub-series is really about deploying a static website, but I am also diving into the security of the deployment system that deploys the website, including taking a look at GitHub security, AWS CodeCommit, and container and code security and integrity. How do you prevent the injection of rogue code into your deployment pipeline?

Follow for updates.

Teri Radichel | © 2nd Sight Lab 2023

About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight Lab

Need Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for Presentation

Follow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab