DevOps.com


How to Mitigate Software Supply Chain Risks

By: Veronica Haggar on February 24, 2022

As new vulnerabilities are discovered on a daily basis, DevOps teams must integrate security into the early stages of the development lifecycle and be vigilant about what elements are incorporated into their applications.

The Log4J vulnerability has dominated the headlines since it was discovered in December and it continues to send shock waves through the industry. Any application that uses Log4J is subject to the identified family of attacks known as Log4Shell.

Many tech companies have been impacted by the Log4J vulnerability and it has become a major concern for DevOps teams.

On March 1, cybersecurity experts from Snyk will come together at Know Your Code: Open Source and Supply Chain Summit to discuss future strategies for maintaining security throughout your software supply chain and the security of open source packages.

The experts will lead a live panel based on lessons learned from the Log4Shell vulnerability, covering several real-world remediation approaches as well as other fixes outside of code. The panel features demos on container and IaC hacks and Java-based game hacks.

The sessions explore the software supply chain as an attack vector, how developers are targeted as a vehicle for malware distribution, how immensely we depend on open-source maintainers to release timely security fixes and how the race to the cloud creates new security concerns for developers to cope with, as computing resources turn into infrastructure as code.

Meet the Speakers

  • Mic McCully, field director at Snyk
  • Simon Maple, field CTO at Snyk
  • Micah Silverman, director of developer acceleration at Snyk

Agenda

  • Welcome (11 a.m. to 11:05 a.m. ET)
  • Are We Forever Doomed By Software Supply Chain Risks? (11:05 a.m. to 12 p.m. ET)
  • Coffee Break (12 p.m. to 12:05 p.m. ET)
  • Log4Shell Live Hack: A Hands-on, Actionable Fix Guide (12:05 p.m. to 1 p.m. ET)
  • Break (1 p.m. to 1:05 p.m. ET)
  • Mitigating Risks in Software Supply Chain Security (1:05 p.m. to 2 p.m. ET)

For more information and to register, please visit the Know Your Code: Open Source and Supply Chain Summit website.
