The Daisy Chain of Risk – Examining the Links in Your Vendor Ecosystem

All of our organizations are dependent on their supply chain and having a secure and uninterrupted ecosystem of vendors and partners is critical to smooth operations. Of course, if it is important to us, then it is a target, no matter the locale. The recent SolarWinds attack illustrated how a patient adversary can be successful as they work their way through multiple vendors in a supply chain to reach their desired target. This infiltration was difficult to spot and for many, even harder to respond to adequately. These types of attacks will continue and grow in sophistication. Organizations need to use OSINT and other vendor tools that can investigate their partners in the supply chain to gain insight into if they can trust what those applications are doing on their network. Join DomainTools Senior Security Researcher, Chad Anderson, and (ISC)2 on March 4, 2021 at 1:00 PM Eastern for a roundtable discussion on supply chain attacks and security, what tools work and can provide insight into your supply chain and partner’s infrastructure, and how a good security posture builds from knowing the inventory and behaviors of what’s running on your supply chain.