Software Supply Chain Attack Types and How to Block Them
Software supply chain security is the new hot cybersecurity topic, and rightly so. Adversaries are using the open-source ecosystem as an entry point to gain access to crown-jewel data and compromise enterprise assets. And software supply chain security has become a priority even to the President of the United States.

But often overlooked in this new dynamic are the developers. Their value to the enterprise is immense, and as a result … they have become the new high-value target for software supply chain attackers.

We'll meet to discuss this during our "Software Supply Chain Attack Types and How to Block Them" Roundtable.

Discussion topics will include:

  • Today's predominant software supply chain attacks - and how to block them
  • 1st, 2nd and 3rd party impacts of software supply chain attacks
  • How to protect developers - the new high-value targets

Join Pete Morgan, co-founder and CSO of event sponsor Phylum, to gain his unique insight into software supply chain security risks and defenses.
Tom Field
SVP, Editorial

Pete Morgan
CSO and Co-Founder

April 25, 2023 | 05:30 - 08:00 pm PDT | Osso Steakhouse - 1177 California Street, San Francisco, CA
*Please note that this is an invitation-only event and space is limited. All requests to attend will be reviewed by our event staff and approved based on professional qualifications and event capacity. Additionally, these events will not be recorded and the Chatham House Rule will apply.

Sponsored By

Phylum provides powerful, automated software supply chain risk analysis that protects organizations, defends developers and enables secure innovation. We analyze open-source packages immediately upon publication to identify risk, and enable policy-driven automation for managing that risk. Phylum currently supports JavaScript, TypeScript, Python, Ruby, Java, .NET, Go and Rust, with more languages coming soon. Phylum integrates seamlessly into CI/CD systems like GitHub, GitLab, and more, similar to legacy SCA tools, but results in complete supply chain coverage allowing the proactive blocking of dangerous or illegitimate open source packages. In 2022, Phylum's analysis of open-source packages identified thousands of new malicious packages, malicious authors, and supply chain risks that culminated in a massive improvement to open-source software and the first inaugural BlackHat Innovation Spotlight award.
