Details

In an era where digital ecosystems power everything from banking and critical infrastructure to mobility, healthcare, and e-commerce, software supply chains have become the Achilles heel of the modern economy. As organisations accelerate development, integrate AI, and rely on vast open-source ecosystems, the attack surface is expanding at a pace that defenders struggle to match.
Join us for an in-depth, community-driven OWASP Tirana Meetup focused on understanding, securing, and strengthening software supply chains. This event brings together practitioners, engineers, researchers, and security leaders to explore the systemic risks, emerging attack patterns, and practical strategies to safeguard the components, dependencies, and pipelines that modern software relies on.

### What You Will Learn

  • The evolution of supply chain attacks and why they now represent the #1 systemic cyber risk.
  • Lessons from SolarWinds, Log4Shell, XZ Utils, and other landmark incidents.
  • How adversaries infiltrate organisations through dependencies, build systems, CI/CD pipelines, and compromised maintainers.
  • Using OWASP SCVS, OWASP Dependency-Track, and the emerging AI supply chain frameworks to build resilience.
  • Practical defensive measures: SBOMs, provenance, artifact signing, SLSA, OSSF controls, and Zero Trust builds.
  • How supply chain security intersects with regulatory initiatives such as the EU Cyber Resilience Act, NIS2, and upcoming global standards.