-
Course
- Core Tech
The Evolution of the Software Supply Chain Attack
Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and 5,000+ development teams. Ilkka will walk through how hackers are becoming more successful at breaching Software Supply Chains and what you can do about it.
What you'll learn
Malicious hackers are becoming increasingly adept at attacking the underbelly of the Software Supply Chain. To cause the most damage while remaining undetected, hackers are rapidly evolving their attack methods. For the past 4 years, the State of the Software Supply Chain Report has documented multiple forms of Open Source Software (OSS) Supply Chain attacks including malicious code injection, stealing project credentials, and typosquatting. However, recent reports (March 9, 2020) have surfaced a new type of Software Supply Chain attack. So far, the Octopus Scanner malware has compromised 26 open source projects hosted on GitHub targeting a well known IDE. Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and over 5,000 development teams. Ilkka will walk through how hackers are becoming increasingly successful at breaching Software Supply Chains and what you can do about it.
Table of contents
About the author
DevSecCon is the global community dedicated to DevSecOps to help implement security in the overall development process.
More Courses by DevSecCon