Malicious code has been making headlines over the past years. The type of attacks may vary, but the consequences are real. We’ve seen a spate of malicious open source components identified within the NPM repository, or an ethical hacker gaining access to the systems of several notable tech companies using publicly hosted packages. Today, threat actors are looking beyond exploiting weaknesses in the application layer.

Now they have started taking advantage of the inherent trust associated with open source software. Inadvertently building code with these weaknesses into applications leaves businesses and their customers prime targets of supply chain attacks. Join us as we discuss

• What can be classified as malicious code or malware
• Some of the techniques that attackers use to inject malicious code into the supply chain
• Methods for identifying malicious code and open source components