Apps under attack: New federal report suggests ways to improve software code pipeline security

The National Security Agency and the Cybersecurity and Infrastructure Security Agency have issued an advisory memo to help improve supply chain defenses in application development software. The memo outlines different deployment risks, ways attackers can exploit these risks, and recommended countermeasures. The memo was created in response to high-profile data breaches, such as the SolarWinds and Log4Shell attacks.