ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

SUPPLY-CHAIN-EDI

Securing the chain — software (dependencies) AND commercial (partners).

Definition

EDI risks: (1) upstream dependency attack (log4shell, Solarwinds-style), (2) compromised commercial partner sending fake POs, (3) DUNS spoofing with business impersonation. Countermeasures: SBOM + SLSA for software supply chain, partner verification via X.509 + business validation for commercial supply chain.

Origin

Focus area since 2020-2021 following Solarwinds and Log4Shell attacks.

Example in context

An EDI programme monthly checking dependency SBOMs and OFAC sanctions list against its partners.

  • SBOM — related inventory.
  • SLSA — related framework.

Last updated: May 14, 2026