With new software supply chain attacks reaching the spotlight at an accelerated rate, security research uncovering novel attack methods, and new security mandates and guidelines starting to come into effect, it can be hard to stay on top of the latest developments and their implications.
Catch this informative session to see a breakdown of the recent software supply chain security news and what you can do to meet new requirements and protect your software from such attacks. Get a deep dive on:
- Recent software supply chain attacks and the attack methods behind them (e.g., namesquatting and placement of malicious packages in commonly used OSS library repositories)
- Best practices when incorporating a shift-left security strategy into your SDLC to effectively manage software supply chain risks
- How JFrog Xray is not a point security solution but is continuously active, telling you not only what the incident is but also when it happened and everywhere you’ll need to remediate
- Decreased remediation times using JFrog’s Contextual Analysis for greater pinpoint accuracy on whether a CVE is applicable to your build or application
- Best practices for using a software bill of materials (SBOM) – what you should track and how to manage it as an integrated part of your SDLC