Wednesday, July 28, 2021 at 12:00:00 PM Online event
Code Tampering: 4 Keys to Risk Reduction
IF YOU'D LIKE TO JOIN LIVE AND/OR GET A COPY OF THE RECORDING, MAKE SURE TO SIGN UP HERE (AND NOT JUST ON MEETUP): https://cycode.com/risk-reduction
Thur, July 28th, 2021
10:00 AM - 11:00 AM PST
Code tampering is a software company's worst nightmare. Unfortunately, 2021 has been the year that this nightmare has come true from many organizations. In fact, code tampering has led to new major supply chain attacks nearly every month: SolarWinds, Accellion, Mimecast, Click Studios, PHP, CodeCov, and Kaseya.
These incidents make it clear that the attackers are targeting DevOps tools and infrastructure just as hard as production applications. Attackers are now looking for any entry point into the victim's SDLC and then seeking to expand laterally across each phase to tamper with code and push it live into production without detection. Ironically, DevOps automation that increases release efficiency also makes it easier for attackers to move laterally as each system becomes more tightly interconnected.
After an overview of code tampering, and learnings from recent incidents, this webinar will propose a four-pillar approach to reducing code tampering risk:
Increasing integrity: Confirming files & artifacts across each phase of the SDLC
Anomaly detection: Connecting dots from disparate systems to identify breaches
Critical code monitoring: Determining which code to monitor for any and all changes
Defense in depth: Applying security and governance policies across DevOps tools and cloud infrastructure.
0 Response to "July 28: Cloud Architects and Engineers Kansas City - Code Tampering: 4 Keys to Risk Reduction"
Post a Comment