The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain - Pete Morgan - ESW #348 episode artwork

EPISODE · Feb 1, 2024 · 46 MIN

The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain - Pete Morgan - ESW #348

from Security Weekly Podcast Network (Video)

We've seen general users targeted with phishing, financial employees targeted for BEC scams, and engineers targeted for access to infrastructure. The truly scary attacks, however, are the indirect ones that are automated. The threats that come in via software updates, or trusted connections with third parties. The software supply chain is both absolutely essential, and fragile. A single developer pulling a tiny library out of NPM can cause chaos. A popular open source project changing hands could instantly give access to millions of systems. Every day, a new app store or component repository pops up and becomes critical to maintaining infrastructure. In this interview, we'll chat with Pete Morgan about how these risks can be managed and mitigated. Segment Resources: https://blog.phylum.io/q3-2023-evolution-of-software-supply-chain-security-report/ https://blog.phylum.io/software-supply-chain-security-research-report-q2-2023/ https://blog.phylum.io/q1-2023-evolution-of-software-supply-chain-security/ Show Notes: https://securityweekly.com/esw-348

NOW PLAYING

The Elephant in the Pipeline: Securing the Wild, Untamed Software Supply Chain - Pete Morgan - ESW #348

0:00 46:50

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of Security Weekly Podcast Network (Video)?

This episode is 46 minutes long.

When was this Security Weekly Podcast Network (Video) episode published?

This episode was published on February 1, 2024.

What is this episode about?

We've seen general users targeted with phishing, financial employees targeted for BEC scams, and engineers targeted for access to infrastructure. The truly scary attacks, however, are the indirect ones that are automated. The threats that come in...

Can I download this Security Weekly Podcast Network (Video) episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!