Shai-Hulud: The NPM Supply-Chain Attack That Compromised 40+ Packages
Learn how a sophisticated supply chain attack has compromised over 40 NPM packages. This attack is one of the most advanced NPM ecosystem attacks seen to date.
Ali Yazdani
ScanDog Blog
Expert insights, tutorials, and updates from the world of application security
Showing 1-9 of 13 posts
• Page 1 of 2
npm Supply Chain Attack Exposes Millions of Projects
A major supply chain attack hit npm packages like chalk and debug, injecting code to steal crypto wallets.
Ali Yazdani
Achieve SOC 2 and ISO 27001 Compliance With Little Effort With Modern Application Security
Discover how ScanDog helps you achieve SOC 2 and ISO 27001 compliance with little effort with modern application security.
Dimitri Page
SMBs & Compliance: Navigating the EU Cyber Resilience Act and SBOM Requirements on a Budget
Learn how small and mid-sized software teams can prepare for the EU Cyber Resilience Act (CRA) and SBOM requirements—without a full security team. Discover practical, low-cost steps for CRA readiness with ScanDog.
ScanDog Team
Shift Left or Ship Wreck: How to Truly Integrate Security Without Sinking Your CI/CD Pipeline
Shift Left or Ship Wreck: How to Truly Integrate Security Without Sinking Your CI/CD Pipeline
ScanDog Team
SCA Reachability and the War on False Positives
Learn how SCA reachability helps reduce false positives in Software Composition Analysis tools. Discover how Scandog improves SCA signal quality and developer trust.
ScanDog Team
What is ASPM? A Guide to Application Security Posture Management
Discover what ASPM (Application Security Posture Management) is, how it works, and why it's critical to modern DevSecOps. Learn how Scandog empowers teams with ASPM.
ScanDog Team
Why CVSS Scores Aren't Enough: The Need for True Vulnerability Prioritization
Discover why CVSS scores aren't enough for effective vulnerability management. Learn how ScanDog helps organizations prioritize vulnerabilities based on real-world risk.
ScanDog Team
Cutting Through the Noise: How ScanDog Saves Security Teams Hours on False Positives
In today's fast-paced security landscape, the ability to focus on genuine threats is crucial for a proactive defense. However, security teams are often hindered by alert fatigue, caused by an overwhelming volume of false positives. Shockingly, many teams spend up to 12 hours per alert, with as much as 70% of alerts being noise rather than actionable intelligence. At ScanDog, we're revolutionizing vulnerability management by unifying scanner results into one intuitive platform, enabling your team to focus on real risks and respond faster.
ScanDog Team