Integrating Software Supply Chain Security into Security Operations



Sophisticated threat actors are turning to Software Supply Chain attacks to evade today’s defenses. Tactics include inserting malicious code into open-source repositories like npm and PyPI, developing attacks that leverage new software vulnerabilities, and infiltrating vendor development environments to insert malicious packages into their software solutions. In the last year, ReversingLabs observed a 289% increase in threats involving open-source repositories. Gartner goes on to predict that 45% of all organizations will experience a Software Supply Chain attack by 2025. In this webinar, we’ll talk about how Security Teams are adopting new purpose-built tools and tactics, techniques and procedures to protect against and respond to Software Supply Chain attacks. We’ll cover how the roles, decisions and actions facing software verification, triage, investigation, detection engineering, and threat hunting operations need to adapt to this new and growing attack vector.


  • SOC tools: the detection tools that are important, and the importance of building YARA rules
  • DevSecOps policy updates
  • How Log4j woke up the entire organization
  • What types of incident response exercises the SOC can perform
  • How the SOC can shift left, e.g. SBOM updates to automate
  • Adversary emulation using SOC tools

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government


Event Type
Webcast


When
Tue, Nov 8, 2022, 3:30pm ET


Cost
Complimentary: $0.00




Event Sponsors

ReversingLabs


Organizer
SANS Institute

