Advanced, software supply chain attacks have a vast and rippling impact. By injecting malicious code into an otherwise legitimate software update, bad actors infected over 18,000 conscientious SolarWinds customers.
The malware inserted in SolarWinds’ Orion application is just one vector of what looks to have been a well-planned, multi-pronged campaign targeting specific organizations.
Such a high impact breach exposes the increasing attack surface and vulnerability of software development and delivery. With the advent of CI/CD pipelines, supply chain attacks have become more prevalent – with attackers compromising certificates to sign code and bypass controls.
Sponsored by CyberArk
8251 Greensboro Drive, Suite 510, McLean, VA 22102
CA: Do Not Sell My Personal Info