• 2023-09-26
  • 11:00 - 11:45

The evolution of software supply chain attacks - The Sonatype Story

The use of Open Source Software has grown exponentially in recent years, now making up 85-90% of applications. Teams are embracing devops methodologies - continuous integration, continuous delivery - and striving for innovation at speed. However with this change in development practice, new risks are emerging: developers are downloading components at scale with varying policy control, and novel attacks targeting the open-source ecosystem are on the rise.

In the newly released 8th annual State of the Software Supply Chain report, research shows these attacks are increasing 742% year-on-year.

Join Sonatype Lead Solutions Architect, Roger Lau to hear more findings from this report, as he shares insights into the next generation of software supply chain attacks, trends in open source consumption, and best practices to efficiently manage your open source software supply chain.

課程綱要
  • Briefing introduction
  • Evolution of open source software components
  • Deep Dive into software supply chain attacks
  • Mitigating risks
劉信迪 (Roger)

劉信迪 (Roger)

Sonatype APJ Lead Solutions Architect

Roger Lau, APJ Lead Solutions Architect in Sonatype and an advocate of DevSecOps and Automation. With deep insights into the threat landscape in open source component risk and a passion for helping organisations enrich their competitive edge through scalable and secure software supply chain practices, his goal is to support customers in their digital transformation journey of accelerating innovation and delivering secure software at scale.