Tabletop Exercise: Is China and Russia in Your Software? How Do You Know?
Do you know what is inside your software?
As software supply chains become increasingly intricate, the threat of foreign adversaries infiltrating critical systems through compromised code has escalated dramatically. With open-source components forming the backbone of modern applications, often with dependency chains 60 levels deep, cybersecurity leaders face a daunting challenge: 6.8% of open-source software is of dubious origin, and over 20% is committed by anonymous developers.
Join us for this hands-on tabletop exercise that draws on intelligence and threat patterns uncovered by a global community of security experts, distilling hard-to-find signals into actionable insights, tracing contributions from potentially hostile nations and detecting recent software supply chain attacks that evade traditional security tools.
Participants will gain:
- Actionable strategies to strengthen software provenance
- Enhanced visibility
- Resilience against increasingly stealthy and sophisticated threats
Speaker Details
Trey Ford, CSTO, Bugcrowd
Event Topic
Defense, DevOps/DevSecOps, ITRelevant Audiences
All Federal GovernmentOther Agency
Other Federal Agencies
Event Type
Onsite
Event Subtype
Conference / Summit, Workshop / Training
When
Fri, Jan 30, 2026 | 9:00 am - 12:00 pm ET
Registration Cost
Complimentary
Location
Carahsoft Conference & Collaboration Center
11493 Sunset Hills Rd
Reston, Virginia, US, 20190
Sponsors