2021 was a peak year for supply chain breaches—as well as vulnerabilities and backdoors in open-source code, software packages and containers. SolarWinds, Kaseya, Codecov, malicious NPM packages, and of course, Log4J are only a partial list of supply chain attacks and open source vulnerabilities that we saw.
What can we learn from past breaches and exploitation of third-party code vulnerabilities to prepare better for the attack vectors, exploitation and breaches we’ll surely see in 2022?
Join us as we discuss:
- The details of the attack vectors, vulnerabilities, and exploits used in the latest breaches and vulnerabilities, including SolarWinds, CodeCov and Log4Shell
- Third-party security risk and preparing for the next third-party vulnerability or breach
- Actions to take when something like this happens, and how to minimize the blast radius
Demi and Lavi will share their experience and expertise, both about how threat actors actually implemented the attack vectors, as well as effective mitigation strategies to reduce third-party risk and contain a breach once it happens. Because as we’ve seen, there’s no question that it will.