Fantastic Software Supply-Chain Vulnerabilities and How to Defend Against Them
Abstract:
In this enlightening and engaging talk, Abhay will delve into the world of software supply-chain vulnerabilities and explore the most effective strategies for defending against them. As the software development ecosystem becomes increasingly complex and interconnected, the risks associated with supply-chain vulnerabilities have also grown exponentially.
By sharing captivating anecdotes, insightful case studies, and live demos, Abhay will shed light on the hidden dangers lurking within the software supply chain and offer practical advice for safeguarding organizations against these threats. The talk will cover a wide range of topics, including:
- The evolving landscape of software supply-chain vulnerabilities: An overview of the most notorious incidents and their far-reaching consequences.
- Understanding the attack surface: A deep dive into the common entry points for attackers, such as third-party dependencies, open-source libraries, and CI/CD pipelines.
- Case studies: Real-life examples of high-profile software supply-chain attacks to illustrate the severity and complexity of these threats.
- Risk assessment and mitigation: Essential tools and techniques for identifying and managing software supply-chain risks, such as Software Composition Analysis (SCA) and Software Bill of Materials (SBOM).
- Live demos: Hands-on demonstrations of how attackers exploit supply-chain vulnerabilities and how to effectively defend against them using best practices and cutting-edge solutions.
- Building a resilient software supply chain: Proactive steps organizations can take to secure their software development lifecycle, including vendor management, DevSecOps integration, and continuous monitoring.
By the end of this talk, attendees will have gained a comprehensive understanding of the current state of software supply-chain vulnerabilities, as well as the knowledge and tools necessary to protect their organizations from these ever-evolving threats.
