Angreifer wollen Zugang zu Ihrem Software Development Lifecycle (SDLC)

Logo
Presented by

Patrick Kiessling | Solutions Architect, Sonatype

About this talk

Angreifer finden immer neue Wege, um die Softwareentwicklungskette zu stören. Ob durch Dependency Confusion, Typosquatting oder böswillige Code-Injektionen - die Angriffe auf die Software-Lieferkette haben im vergangenen Jahr um 633 % zugenommen, wobei die durchschnittlichen Kosten einer Datenpanne 4,35 Millionen US-Dollar betragen. Das Schlimmste daran ist, dass viele Unternehmen glauben, diese Angriffe verhindern zu können, indem sie mit dem Scannen der Software warten, bevor sie in den Staging-/Produktionsprozess gelangt, obwohl dies in vielen Fällen zu spät ist.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (38)
Subscribers (4864)
Sonatype is the software supply chain management company. We empower developers and security professionals with intelligent tools to innovate more securely at scale. Our platform addresses every element of an organization’s entire software development life cycle, including third-party open source code, first-party source code, infrastructure as code, and containerized code. Sonatype identifies critical security vulnerabilities and code quality issues and reports results directly to developers when they can most effectively fix them. This helps organizations develop consistently high-quality, secure software which fully meets their business needs and those of their end-customers and partners. More than 2,000 organizations, including 70% of the Fortune 100, and 15 million software developers already rely on our tools and guidance to help them deliver and maintain exceptional and secure software.