Following the news of the LocalBitcoin hack that happened over the weekend and resulted in a total of BTC7.9 stolen from six different accounts, Lamar Bailey, Director of Security research and development at Tripwire, explains the risks of using a third-party software and how companies should protect themselves from this type of attacks.
Lamar Bailey, Director of Security Research and Development at Tripwire:
“Third-party software can be a blessing or a curse. Using a third-party application or service can greatly increase your time to market for a product but you must do your due diligence and validate the security of the code you are integrating. All too often we see security issues and breaches blamed on third party where the blame is generally on the company that integrated the third-party code without a detailed security review.
When integrating third party companies should at a minimum looks at history of vulnerabilities, secure coding practices, security testing procedures, and do a security audit of the code before it is integrated.”
Enterprise #SupplyChain software can introduce information #security risks to companies, particularly those relying on third-party vendors without having the proper controls in place. @pnils @schellmanco @JBWilsonLaw @radware @search_ERP https://t.co/wtgiBFloM3
— WhatIs.com (@WhatIsDotCom) January 28, 2019