MITRE report proposes software supply chain framework to prevent cyber attacks

A group of MITRE researchers is unveiling a new “end-to-end” framework for the software supply chain that incorporates work from the Commerce Department’s “SBOM” initiative on software transparency.

“While no silver bullet exists, establishing and implementing an end-to-end framework for software supply chain integrity will reduce risks from too-big-to-fail applications that are central to private sector enterprises, governments, and the critical capabilities they rely upon each day,” the researchers say in a recent report, “Deliver Uncompromised: Securing Critical Supply...