We typically think of supply chain attacks as stealthy attacks on hardware components, such as malware on laptops and network devices.

However, supply chain attacks target service providers and cannot be ruled out as it is a significant intrusion of the entire ecosystem. Supply chain attacks pose the risk of supplier vulnerabilities, which is the common cause of compromise. Vigilantly monitoring suppliers’ security status - always knowing the risks they bring in - is an essential part of building resilience and response capabilities.

In this session, led by Prasanna Raghavendra, senior director, R&D, JFrog, India, you will learn:

• How to respond to software-associated supply chain attacks;
• Intersection of DevOps and security;
• How is AI/ML changing the approach of the Dev and security teams in identifying malicious codes and what are the concerns?
• Security-by-design approach to secure software applications and evaluate third-party products;
• How does the “shift-left” strategy help protect the organizations against attacks?