What You Need to Know About the libwebp Exploit

libwebp exploit timeline: CVE-2023-41064; CVE-2023-4863; CVE-2023-5129. On September 7th 2023, researchers at Citizen Lab reported a zero-click exploit that was actively used by NSOs to infect iOS devices with the Pegasus malware – this was disclosed as CVE-2023-41064. A zero-click exploit means that a user is not required to click anything or take any […]

OX Security Named 2023 SINET16 Innovator Award Winner 

PRESS RELEASE: TEL AVIV, Israel and BOSTON, Massachusetts, September 7, 2023 – OX Security, the industry’s first holistic software supply chain security platform, today announced that it has been named a 2023 SINET16 Innovator Award winner. SINET, an organization with the mission to accelerate Cybersecurity innovation through public-private partnerships, selected 16 winners from a pool […]

Believe the Hype: OX Security in 5 Gartner Hype Cycles

The Gartner Hype Cycle is used to assess the maturity and potential of emerging technologies. It provides a framework for understanding the various stages in technology adoption and can give insights into innovation and where investments should be made or avoided. OX Security is […]

IBM Ventures to Boost Software Supply Chain Security

Press Release: OX Security Receives Strategic Investment from IBM Ventures to Supercharge Software Supply Chain Security. TEL AVIV, Israel, Aug. 15, 2023 /PRNewswire/ – OX Security, the leading software supply chain security solution and founding member of the Open Software Supply Chain Attack Reference (OSC&R), announced today that it received an investment from IBM, […]

OX Security Named a 2023 Gartner® Cool Vendor

OX Security has been named a Cool Vendor by Gartner, in the research firm’s 2023 Cool Vendors™ in Platform Engineering for Scaling Application Security Practices report.  In organizations today, individual product teams often implement security tools and practices at their own discretion, exposing their organizations to significant risk. To address this liability, forward-thinking companies have […]

Introducing OX-GPT, AppSec’s First ChatGPT Integration

PRESS RELEASE: OX Security Launches OX-GPT, AppSec’s First ChatGPT Integration. Customized fix recommendations and cut-and-paste code fixes dramatically reduce remediation times. Tel Aviv, Israel, May 18, 2023 – OX Security, a leader in software supply chain security, today announced the launch of OX-GPT, the first ChatGPT integration to improve software supply chain security. With the […]

OX Security Now Available on AWS Marketplace

Leading Software Supply Chain Security Solution Made Easily Available to AWS Customers. TEL AVIV, Israel, May 2, 2023 /PRNewswire/ – OX Security, the first and only end-to-end software supply chain security solution, has announced that it is now available on the Amazon Web Services (AWS) Marketplace. The availability […]

OX Security joins AWS ISV Accelerate Program

PRESS RELEASE: The program offers joint customers a comprehensive software supply chain security solution for software that runs on or integrates with AWS. Tel Aviv, Israel, April 18, 2023 – OX Security, the first end-to-end software supply chain security solution, has announced today that it has been accepted into […]

Meet OSC&R: The First Attack Matrix for Software Supply Chain Security

Current and former cybersecurity leaders from Microsoft, Google, GitLab, Check Point, OWASP, Fortinet and others have already joined the open framework initiative, which is being led by OX Security. “Are we protected?” is a simple question your CEO may ask after reading about the latest cyber attack. The honest answer is “I don’t know” because […]

A Step-by-step Guide to the SBOM Executive Order

2020 was the year that our lives were turned upside down, but it also hosted another memorable event: the SolarWinds software supply chain attack.  It was a cataclysmic event that affected over 18,000 customers, including nine federal agencies. Worst of all, it was not an isolated incident – the number of software supply chain attacks […]

4 Ways to Shield Your Software from Supply Chain Risks

The software supply chain has changed. Software used to be something we developed; now, it’s something we assemble from SDKs, open-source software, APIs, and so many other resources that we use to make our apps smarter, faster, and more interoperable. However, the downside of all this progress is that your software supply chain has become […]

Ox Security Has An Exciting Announcement!

Ox Security emerges from stealth with $34M to provide end-to-end software supply chain security. The company also announced its collaboration with leading cyber-security-conscious enterprises to create an open standard for verifying the security of software throughout the entire development process. Tel Aviv, Israel, September 29, 2022 – Ox Security, the end-to-end software supply chain security […]

Security Drift: What it is and How to Manage it

What is security drift? Security drift is when your environments drift or move away from established security baselines or industry standards. This includes infrastructure, configuration, development, staging, and production environments. Security misconfigurations rank fifth on the OWASP list of the top 10 web application security risks. What causes security drift? Generally, administrative users making changes […]

The Anatomy of a PBOM

What does a PBOM consist of, exactly? As we discussed in a previous post, Ox Security’s PBOM (Pipeline Bill of Materials) standard provides a real-time list of software lineage, from the first line of code all the way to release. This helps DevOps/DevSecOps ensure the integrity of every build, verify that all apps in production are […]

Top Security KPIs Every Team Needs to Measure

Automatically apply security and integrity guardrails to ensure that all code in production is secure and originates from secure builds.

PBOM vs SBOM: A New Security Standard

Automatically apply security and integrity guardrails to ensure that all code in production is secure and originates from secure builds.