How Does Malicious Code Enter Applications?

Presented by

Grant Robertson, Product Manager & Kevin Scribner, Senior Product Manager

About this talk

Malicious code has been making headlines over the past years. The type of attacks may vary, but the consequences are real. We’ve seen a spate of malicious open source components identified within the NPM repository, or an ethical hacker gaining access to the systems of several notable tech companies using publicly hosted packages. Today, threat actors are looking beyond exploiting weaknesses in the application layer. Now they have started taking advantage of the inherent trust associated with open source software. Inadvertently building code with these weaknesses into applications leaves businesses and their customers prime targets of supply chain attacks. Join us as we discuss • What can be classified as malicious code or malware • Some of the techniques that attackers use to inject malicious code into the supply chain • Methods for identifying malicious code and open source components
Related topics:

More from this channel

Upcoming talks (19)
On-demand talks (184)
Subscribers (58588)
Synopsys Software Integrity Group provides integrated solutions that transform the way development teams build and deliver software, accelerating innovation while addressing business risk. Our industry-leading portfolio of software security products and services is the most comprehensive in the world and interoperates with third-party and open source tools, allowing organizations to leverage existing investments to build the security program that’s best for them. Only Synopsys offers everything you need to build trust in your software.