Event Date: Thu Jul 27 CDT
Location: Ocean Prime, 87 E Wacker Dr, Chicago, IL 60601, USA
Region: Americas
The open-source ecosystem is the lifeblood and starting point of every software supply chain. Packages are downloaded hundreds of thousands of times a day and used in all types of software around the globe. As threat actors execute more of their attacks through the open-source software ecosystem, clear gaps have emerged in modern application security.
While most organizations are focused on threats from critical vulnerabilities, attackers have moved on to new, more effective tactics that directly target developers. Even with tools like software composition analysis (SCA), security analytics, endpoint protections and private repositories in place, developers can still easily install open-source packages containing malicious code that triggers on install to steal secrets and install backdoors. Developers are responsible for innovation; they hold the AWS, SSH and GPG keys, and often the signing keys, and they have unfettered access to build infrastructure and source code version control systems. This makes them the new high-value targets, and the open-source ecosystem is the new perimeter.
Discussion Points:
• How bad actors are using the open-source ecosystem to launch software supply chain attacks
• The gaps in your application security program
• How to address these gaps, protect developers and block attacks
2023 Speakers
MODERATOR:
Fred Kwong
CISO and VP, DeVry University
Pete Morgan
Co-Founder and CSO, Phylum