Wednesday, 30 October, 2024 - 16:00–16:40 GMT
Mark Hahn, Qualys
Abstract:
Open-source software (OSS) is flourishing and is used by at least 90% of companies. Modern applications are built on webs of open-source code, APIs, and third-party integrations.
Because of this, hackers are now compromising weak links in existing software supply chains. Software supply chain (SSC) threats include tampering with updates (tainted updates), compromised third-party libraries, vulnerabilities in open-source packages, and malicious code or malware in packages. Software supply chain attacks have increased by an average of 742% per year.
This talk covers ways to prevent software supply chain attacks and how to respond when the ecosystem has been tainted.

BibTeX
@conference {302229,
author = {Mark Hahn},
title = {Managing the Risk of Software Supply Chain Attacks},
year = {2024},
address = {Dublin},
publisher = {USENIX Association},
month = oct
}