
Software developers have a supply chain security problem

July 12, 2022

Via: InfoWorld

Log4j was the bucket of cold water that woke up most developers to their software supply chain security problem.

We’ve spent decades in software building things and obsessing over our production environment. But we’re building on unpatched Jenkins boxes sitting under someone’s desk. We spend all this time protecting our runtimes, then deploy to them using amateur tooling.

Our build environments aren’t nearly as secure as our production environments.
