THREAT ALERT: CVE-2021-44228 is a critical vulnerability resulting in Remote Code Execution (RCE). 

Read Fortress's response to the recent Log4j exploit.

Live Webinar

Patch Poisoning: Critical Infrastructure’s Backdoor

Supply Chain Attacks on Critical Infrastructure

Thursday, November 18, 2021 | 11:00 am-12:00 pm EST

 

As the prevalence of software supply chain attacks escalates, which is highlighted by the recent SolarWinds Orion and Kaseya attacks, fears of future incidents have gripped the industry. As it stands now, the capabilities of the industry are not sufficient to defend against the advanced nature of these attacks. New and varied methods are needed to defend critical infrastructure.

Many attacks are successful because they abuse the trust that software consumers place in software providers. Given that these attacks are carried out against software companies, and the visibility these companies have, it’s easy to see why the industry focuses on the use of code signing and cryptographic hashes to verify software.

Fortress helps complex enterprises discover, prioritize, and monitor third-party security and cyber risks. We are the only company offering a complete platform to manage OT, IT and third-party technology threats in a single end-to-end solution.

During this webinar our Vice President of Security Solutions, Tony Turner, will examine software supply chain attacks to gauge how they occur and can be detected using technical measures.

Topics covered:

  • Supply chain attacks—patch poisoning
    • Third-party components
    • Developer environment
    • Build environment & source code repositories
    • Download site attacks
    • Client-side attacks

Meet the Speakers
 

Tony Turner | Vice President of Security Solutions

Tony leads the VSOC managed services team at Fortress, helping customers with asset and vulnerability management and threat advisory services and designs many of the technical security solutions at Fortress. He has helped hundreds of companies with strategic and tactical approaches to solving their information security challenges.