Patch Poisoning: Critical Infrastructure’s Backdoor
Supply Chain Attacks on Critical Infrastructure
Thursday, November 18, 2021 | 11:00 am-12:00 pm EST
As the prevalence of software supply chain attacks escalates, which is highlighted by the recent SolarWinds Orion and Kaseya attacks, fears of future incidents have gripped the industry. As it stands now, the capabilities of the industry are not sufficient to defend against the advanced nature of these attacks. New and varied methods are needed to defend critical infrastructure.
Many attacks are successful because they abuse the trust that software consumers place in software providers. Given that these attacks are carried out against software companies, and the visibility these companies have, it’s easy to see why the industry focuses on the use of code signing and cryptographic hashes to verify software.
Fortress helps complex enterprises discover, prioritize, and monitor third-party security and cyber risks. We are the only company offering a complete platform to manage OT, IT and third-party technology threats in a single end-to-end solution.
During this webinar our Vice President of Security Solutions, Tony Turner, will examine software supply chain attacks to gauge how they occur and can be detected using technical measures.
- Supply chain attacks—patch poisoning
- Third-party components
- Developer environment
- Build environment & source code repositories
- Download site attacks
- Client-side attacks
Meet the Speakers
Tony Turner | Vice President of Security Solutions
Tony leads the VSOC managed services team at Fortress, helping customers with asset and vulnerability management and threat advisory services and designs many of the technical security solutions at Fortress. He has helped hundreds of companies with strategic and tactical approaches to solving their information security challenges.