Exposing Software Supply Chain Security Blind Spots

Presented by

Michael Sampson, Senior Analyst, Osterman Research; Vince Arneja, Chief Product Officer, GrammaTech

About this talk

Research highlights hidden vulnerabilities in commonly used commercial off-the-shelf software applications Commercial off-the-shelf (COTS) software includes prevalent use of third-party and open-source components creating a software supply chain security blind spot. The findings in a recent Osterman Research report present a serious weakness in the software supply chain of many widely used COTS software applications. This webinar will share results of the research report and discuss how organizations can take a more proactive approach to ensuring a stronger enterprise-wide cybersecurity posture. In this webinar, you will learn: • Why vulnerabilities in COTS software applications are a cybersecurity threat • 100% of all analyzed applications with open-source components in five common software categories (web browsers, email, file sharing, online meetings and messaging) contained vulnerable open-source components • Applications in the meeting and email client categories were the most vulnerable • Critical vulnerabilities (CVSS 10.0) were found in 85% of these applications • New ways of analyzing COTS software applications to better reduce your attack surface and potential for compromise

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (26)
Subscribers (1934)
GrammaTech is a leading global provider of software analysis and testing solutions used by the world's most security conscious organizations to detect, measure, analyze and resolve security and safety vulnerabilities. The company is also a trusted cybersecurity research partner for the nation’s civil, defense, and intelligence communities.