Securing Your Software Supply Chain

Date: April 20, 2022

Open-Source Libraries: What’s Good for the Goose is Good for the Gander.

Whether in the software supply chain or as part of your own DevSecOps process, the use of open-source libraries has grown due to the ability to release higher-quality code faster and use third-party innovation at scale. Organizations benefit, but hackers have seized on the opportunity as well.

Far-Reaching Attacks are Exploding!

A software supply chain attack occurs either when a vendor’s software is replaced by malware or when malware is in the distribution bundle. Estimates vary, but there has been roughly 2,800% growth in software supply chain attacks over the last two (2) years. The well-known SolarWinds, Colonial Pipeline, and Kaseya attacks, and the Log4j vulnerability, prove the impact can be felt well beyond ground zero.

Secure Your Digital Innovation.

How do we better control this growing problem? Join Senior Security Engineer Mike Spitzer and DevSecOps Security Consultant Mitch Parish to review the challenges of integrating security controls in the software supply chain, a history of attacks, and the mitigation strategies you can adopt to secure the digital innovation driving the growth of your organization.