Live Webinar – September 8th, 2022 1:00 pm – 2:00 pm EDT
Activity Type: Education – Course or Training 1 Hour 1 PDU
Provider: SD Times (Software Development Times)
Hackers are becoming increasingly sophisticated and calculated in the ways in which they deliver attacks upstream in the software supply chain. There are growing numbers of organized attackers whose sole focus is exploiting vulnerabilities in open source ecosystems, frequently by making their malware appear legitimate.
What’s new is the intensity, volume, frequency, and severity of malicious attacks. The popularity of open source makes repositories the ideal watering hole attacks — poison the well and all who drink from it are impacted.
Once malicious code gets into machines and build environments, it can end up in internal corporate networks and in the final product.
Theresa Mammarella (LinkedIn profile) Developer Advocate at Sonatype; says we must become ever more vigilant in our coding practices as we represent a clear red target with exponential cascading impacts.
We need to be prepared for multiple permutations in the types of malicious targeting, whether on us as developers specifically, or upstream or downstream of us. Top that off with needing to still be aware of legacy software supply chain “exploits,” like Log4j where attackers prey on publicly disclosed open source vulnerabilities left unpatched in the wild.
Your teams need to understand the changing landscape and help put developer-first security tools in place across an organization.
Click to register for:
Threat Landscapes: An Upstream & Downstream Moving Target
0 | 0 | 1.0 |
Technical Project Management | Leadership | Strategic & Business Management |
NOTE: For PMI® Audit Purposes – Print Out This Post! Take notes on this page during the presentation and also indicate the Date & Time you attended. Note any information from the presentation you found useful to your professional development and place it in your audit folder.