Zhihao Tan, Director, Solution Architects – APJ, Aqua Security
We’ve seen this story play out in grand fashion over the last year: attackers are using the software supply chain to inject malicious artifacts into CI/CD pipelines and execute elaborate kill chains in production. Traditional software testing techniques are ill-equipped to detect these advanced threats that only initiate during runtime, and cloud native ecosystems add multiple layers of complexity. Now, today’s best practices for DevSecOps all but oblige security teams to implement complete pre-production analysis of runtime behavior, to provide detailed documentation of the attack kill chain, and to facilitate proper remediation at the risk’s source.
Join Aqua Security as we discuss supply chain security for today’s cloud native software ecosystems, exploring:
• Advanced threats in the software supply chain
• Security implications of cloud native and DevOps methodologies
• Best practices for detecting malware and mitigating risks before production deployment
Presenter: Zhihao Tan, Director, Solution Architects – APJ, Aqua Security
Moderator: Paolo Miranda, CISSP, Volunteer Outreach Director, (ISC)² Singapore Chapter