3rd Party Risk Management , Governance & Risk Management , Video
Surging Supply Chain Attacks: Risks and Defenses
Sharan Hiremath of JFrog on Navigating the Rising Tide of Supply Chain AttacksAs supply chain attacks continue to evolve and proliferate, there is a critical need for organizations to fortify their defenses. Sharan Hiremath, senior product manager at JFrog, emphasized the importance of proactive measures, including educating developers using reputable tools, and adopting software composition analysis to safeguard against the growing menace of supply chain vulnerabilities.
See Also: Live Webinar | A Practical Guide To Achieving Continuous Software Supply Chain GRC
He highlighted the omnipresence of open source in today's software landscape and emphasized its vulnerability as a prime target for attackers seeking widespread impact.
"It's no secret that open source is a force multiplier. Eighty percent to 90% of the code is actually open source. Attackers have realized that it's easier to go after open-source packages and software in the wild because you can have a greater impact on the number of attacks," Hiremath said.
In this video interview with Information Security Media Group at Black Hat Europe 2023, Hiremath also discussed:
- How software bills of materials or SBOM standards, such as CycloneDX and SPDX, enhance visibility into software dependencies;
- The rapid adoption of faster release cycles in business operations and how it heightens vulnerabilities in supply chain management;
- The importance of collaboration between security teams and developers.
Hiremath has strong technical experience in delivering innovative solutions for the enterprise security market. He has expertise in establishing product specifications, competitive analysis and market positioning with a focus on real customer needs.