Tuesday, April 25th, 2023

Software Supply Chain Attack Types and How to Block Them

05:30 - 08:00 pm PDT | San Francisco, CA

Event Overview

Software supply chain security is the new hot cybersecurity topic, and rightly so. Adversaries are using the open-source ecosystem as an entry point to gain access to crown-jewel data and compromise enterprise assets. And software supply chain security has become a priority even to the President of the United States.

But often overlooked in this new dynamic are the developers. Their value to the enterprise is immense, and as a result … they have become the new high-value target for software supply chain attackers.

DISCUSSION POINTS

  • Today’s predominant software supply chain attacks – and how to block them
  • 1st, 2nd and 3rd party impacts of software supply chain attacks
  • How to protect developers – the new high-value targets

Moderator

Tom Field, SVP, Editorial, ISMG

Speakers

Pete Morgan, CSO, Phylum

Join Pete Morgan, co-founder and CSO of event sponsor Phylum, to gain his unique insight into software supply chain security risks and defenses.

This 90-minute session will be:

  • Chatham House Rule
  • Peer driven
  • Pitch free

Venue

Osso Steakhouse, 1177 California Street, San Francisco, CA

Underwritten by

Phylum provides powerful, automated software supply chain risk analysis that protects organizations, defends developers and enables secure innovation. We analyze open-source packages immediately upon publication to identify risk, and enable policy-driven automation for managing that risk. Phylum currently supports JavaScript, TypeScript, Python, Ruby, Java, .NET, Go and Rust, with more languages coming soon. Like legacy SCA tools, Phylum integrates seamlessly into CI/CD systems such as GitHub, GitLab, and more, but it provides complete supply chain coverage, allowing the proactive blocking of dangerous or illegitimate open-source packages. In 2022, Phylum’s analysis of open-source packages identified thousands of new malicious packages, malicious authors, and supply chain risks that culminated in a massive improvement to open-source software and the inaugural Black Hat Innovation Spotlight award.

Rules of Engagement

By taking part in this discussion you agree that:

  • These events follow Chatham House Rule. Nothing shared will be recorded or distributed anywhere online.
  • If for any reason you need to cancel your reservation, we ask you to let us know 48 hours prior to the event commencing so we can open your seat up to someone else.
  • These are interactive discussions, so we ask that all attendees participate in the discussion. If this is a virtual event, we ask all attendees to join via video.

Upcoming ISMG Events

April 22, 2025

Stop Identity Attacks Across On-Premises, Cloud and in SaaS Environments

April 24, 2025

DevSecOps for the C-Suite: Balancing Innovation, Security and Compliance

April 29, 2025

A Modern Approach to Third-Party Risk Assessments

May 15, 2025

Data Security Summit: Dallas

May 22, 2025

Spark USA: The Future of AI-Reinforced Threat Detection
