Beyond Open-Source Vulnerability Tracking: Comprehensive Software Supply Chain Security with InvisiRisk
Beyond Open Source Vulnerability Tracking: Comprehensive Software Supply Chain Security with InvisiRisk In today’s rapidly evolving digital landscape, securing the software supply chain has become more critical than ever. While tracking open-source software vulnerabilities is essential, it is just one piece of the puzzle. At InvisiRisk, we believe in a holistic approach to software supply […]
InvisiRisk Announces the Launch of its Software Supply Chain GRC Platform
InvisiRisk Launches GRC Platform for the Software Supply Chain InvisiRisk, Inc. is thrilled to announce the launch of its innovative Governance, Risk, and Compliance (GRC) platform for the software supply chain. This groundbreaking solution is set to transform how organizations manage enterprise software risks for both developed and purchased products. Founded by David Pulaski, Mike […]
Could Standard Security Attestations, Powered by InvisiRisk, Have Shielded the NHS supplier from the £3m ICO Fine?
NHS IT Provider Hit with £3m ICO Fine: A Supply Chain Security Wake-Up Call The recent ICO fine levied against an NHS IT provider, Advanced Computer Software Group Ltd (ACSGL), serves as a stark reminder of the critical importance of robust supply chain security. The root cause? A ransomware attack exploiting security vulnerabilities, specifically the […]
The Great NPM Heist – What Happened and How InvisiRisk Protects You
The Great NPM Heist: What Happened and How InvisiRisk Protects You In early September 2025 attackers orchestrated a large-scale supply chain compromise on the NPM registry. They phished several popular package maintainers to gain publishing rights, then pushed malicious updates to over 18 widely used JavaScript libraries (including chalk, debug, ansi-regex, strip-ansi, wrap-ansi, color-convert, etc.). […]