15:00 - 16:00 (UTC-11)
Talk (60 min)
The Good, the Bad, and the NPM Package: Supply Chain Attacks and How to Protect Your App
Open source code makes up 90% of most codebases. How do you know if you can trust your open source dependencies? It is critical to manage your dependencies effectively to reduce risk, but most teams have an ad-hoc process where any developer can introduce dependencies leaving organizations open to risk from malicious dependencies.
Software supply chain attacks have exploded over the past 12 months and they’re only accelerating in 2022 and beyond. We’ll dive into examples of recent supply chain attacks and what concrete steps you can take to protect your team from this emerging threat.