YoVDO

The Evolution of the Software Supply Chain Attack

Offered By: Pluralsight

Tags

Supply Chain Courses Software Development Courses Cybersecurity Courses Code Injection Courses Software Supply Chain Attacks Courses Credential Theft Courses

Course Description

Overview

Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and 5,000+ development teams. Ilkka will walk through how hackers are becoming more successful at breaching Software Supply Chains and what you can do about it.

Malicious hackers are becoming increasingly adept at attacking the underbelly of the Software Supply Chain. To cause the most damage while remaining undetected, hackers are rapidly evolving their attack methods. For the past 4 years, the State of the Software Supply Chain Report has documented multiple forms of Open Source Software (OSS) Supply Chain attacks including malicious code injection, stealing project credentials, and typosquatting. However, recent reports (March 9, 2020) have surfaced a new type of Software Supply Chain attack. So far, the Octopus Scanner malware has compromised 26 open source projects hosted on GitHub targeting a well known IDE. Join Ilkka as he shares the proprietary research gathered from 36,000 OSS projects and over 5,000 development teams. Ilkka will walk through how hackers are becoming increasingly successful at breaching Software Supply Chains and what you can do about it.

Taught by

DevSecCon

Related Courses

Software as a Service
University of California, Berkeley via Coursera
Software Testing
University of Utah via Udacity
The Hardware/Software Interface
University of Washington via Coursera
Software Debugging
Saarland University via Udacity
Introduction to Systematic Program Design - Part 1
The University of British Columbia via Coursera