DoDIIS Worldwide Webinar Series: Three Fundamental Safeguards that Stop Unauthorized Code in Software Supply Chain



The increasing sophistication of cyber threats, especially those targeting critical infrastructure, has catalyzed a national directive for enhanced cybersecurity measures, as signified by Executive Order 14028. Nation-state actors and other advanced threats are exploiting software supply chains with such efficacy that the integrity of our critical systems is at constant risk. The diverse and complex nature of the software utilized by agencies amplifies this threat, with the potential for a single unauthorized code insertion to trigger catastrophic failures.

This on-demand webinar armed attendees with knowledge and strategies to halt unauthorized code from compromising their software supply chain. Faisal Razzak of Venafi guided attendees through three foundational safeguards that are indispensable for a secure software supply chain:

  • Robust Code Signing Processes: We'll discuss how to establish a verifiable identity for software components, preventing unauthorized code from penetrating your supply chain.
  • Rigorous Protection of Signing Keys: Learn to defend the digital keys that underpin the trust in your software, ensuring they remain out of reach from cyber adversaries.
  • Strategic Utilization of Software Bills of Materials (SBOMs): Discover how SBOMs contribute to transparency and accountability, supporting a thorough risk analysis and proactive vulnerability management.

In addition to these pillars, we underscored the necessity of application control measures, such as allowlisting, to ensure that only vetted and approved code is executed across your networks. This practice is crucial in maintaining a tight security posture against unauthorized code, aligning with leading security standards and frameworks, such as NIST, CIS, PCI DSS, CMMC, OWASP, ISO/IEC 27001, Essential Eight, and the Zero Trust Security Framework. 

Attendees joined Faisal Razzak in navigating the complexities of stopping unauthorized code, standardizing best practices, and reinforcing the software supply chain against the ever-evolving landscape of cyber threats.

Speaker and Presenter Information

Faisal Razzak, Group Product Manager, Venafi

Relevant Government Agencies

DOD & Military, Other Federal Agencies, Federal Government, State & Local Government




Event Type
On-Demand Webcast


This event has no exhibitor/sponsor opportunities


Cost
Complimentary:    $ 0.00






Organizer
Venafi Government Team at Carahsoft

