Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

How zero trust helps reduce risk in connected supply chains

What is zero trust and how does a zero trust approach helps reduce risk in connected supply chain decision making? Find out how RKVST helps automate the tracking and sharing of supply chain evidence you can rely on, by integrating with the tools businesses already use today. Jon Geater and Rob Brown from RKVST discuss zero trust at InfoSecurity Europe, London, June 2022.

RKVST - the Archivist of the modern internet

RKVST (pronounced Archivist) is an evidence platform that delivers a reliable chain of custody for supply chain data. It proves and verifies who did what when to any asset in the supply chain which can then be shared with supply chain partners. Jon Geater , Chief Product Officer, talks about RKVST at InfoSecurity Europe, London, June 2022.

Harmonizing the Federal Effort on Automating Software Bill of Materials

When the Biden administration released Executive Order 14028, “Improving the Nation's Cybersecurity”, it included guidance to enhance the security of the nation’s software supply chain. As a result, key building blocks are being developed to both strengthen software security and bolster software Supply Chain Risk Management (SCRM) programs across the Federal government.

SBOM 101 - All the questions you were afraid to ask Software Bill of Materials

During many recent security incidents, we hear a lot of messages about the lack of knowledge of the code dependencies, attacks to the software supply chain, Software Bill of Materials (SBOM), digital signatures, provenance, attestation, etc. The fact is, every time a new vulnerability appears in the landscape, we usually need to spend a lot of time and effort to detect the real impact on the applications and services that are running in our environment.

Mend API Helps Make SBOMs Simple

The proliferation of third-party software components such as open source software(OSS) has triggered a growing need to keep track of it all. Why? Because when security vulnerabilities inevitably crop up in open source components, it’s pretty important to know whether your company uses that piece of code – or whether it appears in the myriad software dependencies inherent in open source.

RKVST (Jitsuin) SCITT Demo from 2019

Supply Chain Integrity, Transparency, and Trust... all in one platform. A little throw-back here...all the way to 2019! SCITT is a hot area right now in 2022 but this is what we've been doing since the beginning. We were even still called Jitsuin :-) This is a very quick run through how making supply chain evidence available to all authorised partners in a supply chain as quickly as possible with Provenance, Governance, and Immutability guarantees can boost trust, reduce risk, and speed operations.

What is SCITT and how does RKVST help?

SCITT in the information security context stands for “Supply Chain Integrity, Transparency, and Trust”. It’s a relatively young discipline and the dust is still settling over its scope and definition but the core is very simple: risk vests in the operator of equipment, but it originates at every point in the supply chain.