Open-Source Risk: The Ground Zero of Software Supply Chain Security

Presented by

Mike McGuire, Security Solutions Manager, Synopsys; Brandon Dunlap, Moderator

About this talk

When approaching software supply chain security, managing the risk related to open-source usage is often a top consideration for builders of applications. Several notable vulnerabilities, such as Apache Struts and Log4j, justify that consideration, demonstrating just how widespread the downstream impacts can be. However, managing open-source risk gets increasingly difficult the more ubiquitous it becomes, and organizations become more complacent as they focus on hardening other nodes of their software supply chain.

Join Synopsys and (ISC)² June 28, 2022 at 1:00 p.m. BST as we elevate the conversation beyond tool implementation and discuss the importance of installing an open-source risk management program in order to protect your organizations, and your consumers, from supply chain threats.

We will discuss:
o Implications of open-source risk
o Obstacles to effectively managing open-source risk
o The necessary people, processes, and tools to overcome those obstacles
ISC2 Security Briefings EMEA offers members in Europe, the Middle East and Africa a chance to learn about the latest trends, tools and best practices in cyber, information, software and infrastructure security while earning CPEs.