How to Mitigate Software Supply Chain Risks

As new vulnerabilities are discovered on a daily basis, DevOps teams must integrate security into the early stages of the development lifecycle and be vigilant about what elements are incorporated into their applications.

Recent Posts By Veronica Haggar

• ShiftLeft Appoints Prevention-First, Cybersecurity Visionary and Artificial Intelligence/Machine Learning Pioneer Stuart McClure as Chief Executive Officer
• Security Luminary Mike Rothman Joins Techstrong Group as Chief Strategy Officer and GM of Techstrong Research
• DevOps Connect: DevSecOps — Building a Modern Cybersecurity Practice

More from Veronica Haggar

Related Posts

• How to Mitigate Software Supply Chain Risks
• The Age of Software Supply Chain Disruption
• Cycode Expands Scope of AppDev Security Platform

Related Categories
• Blogs
• DevSecOps
• Events

Related Topics
• Know Your Code: Open Source and Supply Chain Summit
• log4j
• Log4Shell
• Snyk
• Software Supply Chain Security

Show more

Show less

The Log4J vulnerability has dominated the headlines since it was discovered in December and it continues to send shock waves through the industry. Any application that uses Log4J is subject to the identified family of attacks known as Log4Shell.

Many tech companies have been impacted by the Log4J vulnerability and it has become a major concern for DevOps teams.

On March 1, cybersecurity experts from Snyk will come together at Know Your Code: Open Source and Supply Chain Summit to discuss future strategies for maintaining security throughout your software supply chain and the security of open source packages.

The experts will lead a live panel based on the learnings from the Log4Shell vulnerability and several real-world remediation approaches as well as other fixes outside of code. The panel features demos on container and IaC hacks and Java-based game hacks.

The sessions explore the software supply chain as an attack vector, how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.

Meet the Speakers

• Mic McCully, field director at Snyk
• Simon Maple, field CTO at Snyk
• Micah Silverman, director of developer acceleration at Snyk

Agenda

• Welcome (11 a.m. to 11:05 a.m. ET)
• Are We Forever Doomed By Software Supply Chain Risks? (11:05 a.m. to 12 p.m. ET)
• Coffee Break (12 p.m. to 12:05 p.m. ET)
• Log4Shell Live Hack: A Hands-on, Actionable Fix Guide (12:05 p.m. to 1 p.m. ET)
• Break (1 p.m. to 1:05 p.m. ET)
• Mitigating Risks in Software Supply Chain Security (1:05 p.m. to 2 p.m. ET)

For more information and to register, please visit the Know Your Code: Open Source and Supply Chain Summit website.