Threat Actors Want Access to Your SDLC -- Here's How to Secure Them

Presented by

Mandeep Singh (Sonatype), Tim Vrablik (Sonatype)

About this talk

Bad actors are increasingly finding new ways to disrupt the software development supply chain. Whether via dependency confusion, typosquatting, or malicious code injections, attacks on the software supply chain increased 633% over the prior year, with the average cost of a data breach being $4.35 million. Worst of all, many organizations believe they can eliminate these attacks by waiting to scan software before it enters staging / production, when in many cases that is too late.

How can development teams protect their pipelines from these attacks without blowing up their toolchain or slowing the pace of innovation required to remain competitive? Join this webinar to learn about the most common types of supply chain attacks, and how Repository Firewall is not only your first line of defense but is the easiest solution to securing your supply chain and artifact repositories.

Learnings:
- Trends and impact of malicious software supply chain attacks
- How DevSecOps can improve security without negatively impacting developer productivity
- See how Repository Firewall can protect your software supply chain and integrate with your existing toolset

Sonatype is the software supply chain management company. We empower developers and security professionals with intelligent tools to innovate more securely at scale. Our platform addresses every element of an organization’s entire software development life cycle, including third-party open source code, first-party source code, infrastructure as code, and containerized code. Sonatype identifies critical security vulnerabilities and code quality issues and reports results directly to developers when they can most effectively fix them. This helps organizations develop consistently high-quality, secure software which fully meets their business needs and those of their end-customers and partners. More than 2,000 organizations, including 70% of the Fortune 100, and 15 million software developers already rely on our tools and guidance to help them deliver and maintain exceptional and secure software.