Restoring Trust in Open Source: Strategies for a Secure Supply Chain
Modern AppSec often stops at the source code, but the real danger lies in what you import. Based on the INCD’s groundbreaking report, “Breaking the Chain,” this webinar dives deep into how attackers exploit the gap between code creation and deployment – specifically targeting package managers and automated pipelines.
Join experts from the Israel National Cyber Directorate (INCD) and JFrog as they move beyond “shift-left” buzzwords to discuss the architecture required for true end-to-end (E2E) protection.
Key Takeaways:
- Deconstructing Attack Tactics: Breakdown of Typosquatting, Dependency Confusion, and the rise of AI-driven “Slopsquatting”.
- Closing the Blind Spot: Why deep binary security is the essential missing piece in the standard software pipeline.
- Operationalizing Guidance: Concrete steps to implement the INCD’s multi-layered security recommendations.