Tuesday, April 25th, 2023

Software Supply Chain Attack Types and How to Block Them

05:30 - 08:00 pm PDT | San Francisco, CA

Event Overview

Software supply chain security is the new hot cybersecurity topic, and rightly so. Adversaries are using the open-source ecosystem as an entry point to gain access to crown-jewel data and compromise enterprise assets. And software supply chain security has become a priority even to the President of the United States.

But often overlooked in this new dynamic are the developers. Their value to the enterprise is immense, and as a result … they have become the new high-value target for software supply chain attackers.

DISCUSSION POINTS

  • Today’s predominant software supply chain attacks – and how to block them
  • 1st, 2nd and 3rd party impacts of software supply chain attacks
  • How to protect developers – the new high-value targets

Moderator

Tom Field, SVP, Editorial, ISMG

Speakers

Pete Morgan, CSO, Phylum

Join Pete Morgan, co-founder and CSO of event sponsor Phylum, to gain his unique insight into software supply chain security risks and defenses.

This 90-minute session will be:

  • Chatham House Rule
  • Peer driven
  • Pitch free

Venue

Osso Steakhouse, 1177 California Street, San Francisco, CA

Underwritten by

Phylum provides powerful, automated software supply chain risk analysis that protects organizations, defends developers and enables secure innovation. We analyze open-source packages immediately upon publication to identify risk, and enable policy-driven automation for managing that risk. Phylum currently supports JavaScript, TypeScript, Python, Ruby, Java, .NET, Go and Rust, with more languages coming soon. Phylum integrates seamlessly into CI/CD systems like GitHub, GitLab, and more, similar to legacy SCA tools, but results in complete supply chain coverage, allowing the proactive blocking of dangerous or illegitimate open-source packages. In 2022, Phylum’s analysis of open-source packages identified thousands of new malicious packages, malicious authors, and supply chain risks that culminated in a massive improvement to open-source software and the inaugural Black Hat Innovation Spotlight award.

Rules of Engagement

By taking part in this discussion you agree that:

  • These events follow Chatham House Rule. Nothing shared will be recorded or distributed anywhere online.
  • If for any reason you need to cancel your reservation, we ask you to let us know 48 hours prior to the event commencing so we can open your seat up to someone else.
  • These are interactive discussions, so we ask that all attendees participate in the discussion. If this is a virtual event, we ask all attendees to join via video.

Upcoming ISMG Events

February 11-12, 2025

Virtual Summit: Cybersecurity Implications of AI

February 12, 2025

Have We Shifted Too Far Left? Engineering, InfoSec, and Customer Identity Ownership

February 20, 2025

MLOPs and the Role of Gen AI in Securing the Software Supply Chain

February 20, 2025

Managing Your Expanded Attack Surface Using Automation: The Security Promise

February 20, 2025

Securing the Modern Payment Rails
