Manifest Cyber retweetledi
Outstanding work by @manifestcyber now supporting @OASISopen CSAF!
#CyberSecurity #supplychainsecurity #sbom #vex
manifestcyber.com/blog/the-power…
English
Manifest Cyber
31 posts
Manifest Cyber
@manifestcyber
Security startup helping organizations with their end-to-end #SBOM lifecycle to reduce their supply chain risk. Know what you're made of. https://t.co/f6CAGBXdZY
Katılım Mayıs 2022
19 Takip Edilen90 Takipçiler
Listen to Manifest CTO @bardenstein with @brysonbort talking about #sboms for OT/ICS/IIoT asset owners!
linkedin.com/posts/cs2ai-gl…
English
Manifest Cyber retweetledi
Stoked to share this new business alliance announcement with @manifestcyber. Best-in-class ICS/OT cybersecurity consulting combined with expert SBOM and supply chain security. Check it out.
AMPYX CYBER (formerly Ampere Industrial Security)@ampyxcyber
Ampere and @manifestcyber Announce Business Alliance to Strengthen Industrial Cybersecurity Services amperesec.com/blog/ampere-in…
English
Manifest Cyber retweetledi
Ampere and @manifestcyber Announce Business Alliance to Strengthen Industrial Cybersecurity Services amperesec.com/blog/ampere-in…
English
Manifest Cyber retweetledi
Excited to share news about our investment in @manifestcyber, a team deep in security helping businesses understand vulnerabilities in open source software embedded in their products. Every company should be managing SBOMs and Manifest will help them do it axios.com/2023/05/18/man…
English
Manifest Cyber retweetledi
Congrats to the @manifestcyber team for their launch🎉! Manifest reduces software supply chain risk by automatically monitoring SBOMs to find the vulnerabilities embedded in your software & alert you before you even know there’s an issue.
Learn more: axios.com/2023/05/18/man…
English
Manifest Cyber retweetledi
🎧 Listen to the full episode of “daBOM: SBOMs - Where do we put these things?” with Daniel Bardenstein and DJ Schleen talking about the next phase for Software Bill of Materials : daBOM.show/daniel-bardens…
@djschleen @manifestcyber #sbom @SlackHQ
English
We're incredibly honored and excited to be part of this fantastic SVIP cohort to push forward all things #sbom.
Can't wait to get started!
Allan is @allanfriedman on bsky & infosec.exchange@allanfriedman
Excited for the announcement of @dhsscitech SVIP awardees for SW Supply Chain Tools and #SBOM. We're looking forward to working with these great teams. @AppCensusInc @chainguard_dev @deepbits_tech @manifestcyber @ScribeSecurity @testifysec & Veramine dhs.gov/science-and-te…
English
Thanks for coming @mrp ! Was a pleasure to host you and the rest of the group.
Ron Pragides @mrp
Cheers to @firstround and @manifestcyber for hosting tonight’s security salon! 🥃 #RSAC #RSA2023
English
@dhsscitech @CISAgov @deepbits_tech @AppCensusInc @testifysec @ScribeSecurity @dhsscitech this is our handle
English
@shortxstack We are! Feel free to have them reach out to careers@manifestcyber.com, and we'll get in touch.
English
ATTN NERDS:
anyone looking to fill a senior architect/engineering role?
asking for a friend 🤍🌈🤓
English
A sad anniversary indeed. L4J was (regrettably) part of our origin story, and we built a tool that we wished we had back then. It ruined so many folks' holidays, we (not so seriously) joke that our mission at Manifest is to use #SBOM to #SaveTheHolidays.
Allan is @allanfriedman on bsky & infosec.exchange@allanfriedman
Happy log4j-versary! Traditional ways of celebrating are: working long hours from your travel laptop in a relative's guest room, and continuing to ignore what's in your supply chain.
English
@QuinnyPig And that’s why we did this ;)
twitter.com/manifestcyber/…
Manifest Cyber@manifestcyber
This holiday season, we're sending #SBOMs (in the form of squishy stress ball s-bombs) to friends, supporters, colleagues, and advisors in the #softwaresupplychain community. If you work in #sbom, #vex, etc., DM us for one! Guaranteed free of #log4shell 😀 'Tis the CVE-ason!
English
Every time I hear someone pronounce "SBOM" as "s-bomb," I think they've got zero tolerance for profanity and refuse to call something "shitty."
English
This holiday season, we're sending #SBOMs (in the form of squishy stress ball s-bombs) to friends, supporters, colleagues, and advisors in the #softwaresupplychain community. If you work in #sbom, #vex, etc., DM us for one! Guaranteed free of #log4shell 😀
'Tis the CVE-ason!
English
Even better when you see how some "#SBOMs" are actually maintained by federal vendors. We've seen text files, excel files, and other cringe-worthy examples. None of which make it easy for USG to reduce their risk!
Brian in Pittsburgh@arekfurt
CISA/NSA advice on SBOM: Don't just require vendors to provide it; verify it's accurate yourself. NIST/OMB advice to federal agencies on SBOM; Look, as long as they say they keep an internal list of what's in it that's good enough. Making them hand it over is just a hassle.
English
It's amazing how many #SBOM generators don't generate SBOMs that match the original spec (e.g. @CycloneDX_Spec or @SPDXTeam ).
If a field says 'required'.... JUST MAKE SURE IT EXISTS. (especially the SPDX 'DESCRIBES' field).
</rant>
English