The Simple, Yet Lethal, Anatomy of a Software Supply Chain Attack

Posted on in Presentations

While commercial supply chain attacks are becoming more manageable, security teams have a much harder time with open-source software supply chains. This session will provide an attacker's perspective of open-source flows and flaws and dive into several unique supply chain weaknesses. Demos will show the ease of conducting different attacks and provide a perspective on defeating them as defenders.

Jossef Harush


Head of Engineering, Supply Chain Security, Checkmarx

Erez Yalon


Head of Security Research, Checkmarx

DevSecOps & Application Security Open Source Tools Protecting Data & the Supply Chain Ecosystem

application security DevSecOps exploit of vulnerability hackers & threats supply chain



Share With Your Community