Your Vendor’s Vendor Adds Risk to the Open Source Supply Chain

Organizations rely heavily on third-party vendors and contractors. Smart companies will have a service level agreement (SLA) with each vendor which includes information about the vendor’s approach to cybersecurity—in fact, it’s a best practice to add security to the software supply chain. If only it was that simple. In the real world, the vendor supply..

The post Your Vendor’s Vendor Adds Risk to the Open Source Supply Chain appeared first on Security Boulevard.