Tabletop Exercise: Is China and Russia in Your Software? How Do You Know?
Do you know what is inside your software?
As software supply chains become increasingly intricate, the threat of foreign adversaries infiltrating critical systems through compromised code has escalated dramatically. With open-source components forming the backbone of modern applications, often with dependency chains 60 levels deep, cybersecurity leaders face a daunting challenge: 6.8% of open-source software is of dubious origin, and over 20% is committed by anonymous developers.
Join us for this hands-on tabletop exercise that draws on intelligence and threat patterns uncovered by a global community of security experts, distilling hard-to-find signals into actionable insights, tracing contributions from potentially hostile nations and detecting recent software supply chain attacks that evade traditional security tools.
Participants will gain:
- Actionable strategies to strengthen software provenance
- Enhanced visibility
- Resilience against increasingly stealthy and sophisticated threats
Speaker and Presenter Information
Trey Ford, CSTO, Bugcrowd
Relevant Government Agencies
Other Federal Agencies, Federal Government
This event has no exhibitor/sponsor opportunities
When
Fri, Jan 30, 2026, 9:00am - 12:00pm
ET
Cost
Complimentary: $ 0.00
Where
Carahsoft Conference & Collaboration Center
11493 Sunset Hills Rd
Reston, VA 20190
Get directions
Website
Click here to visit event website
Event Sponsors
Organizer
Bugcrowd Government Team at Carahsoft
