Knowledge Forum A
Technology lecture
Forums it-sa Expo

Supply chain security for software - more important than ever

Do you know the security gaps in your software supply chain? Or do you rely on finding known CVEs?

Session description Speaker Session video

Topic

Trend topicAwareness / Phishing / Fraud

When & Where

calendar_month

Wed, 10/26/2022, 10:00 - 10:15

Download session as iCaldownload_for_offline

Details

Format:
Technology lecture

Session description

At the turn of the year 2021/2022, vulnerabilities found in the logging library log4j impressively demonstrated how much the security of applications, systems, and infrastructures depends on the security of the individual components. A standard, widely used open source library for a peripheral issue like logging led to frantic patching and updating of major web services and critical enterprise applications. Employees were recalled from Christmas vacation, and applications were shut down as a precaution. The first patches for log4j turned out to be insufficient, and within a short period of time, improvements had to be made again. Each new log4j version entailed updates of the rolled-out applications, and with each interim status, atta ...

Speaker

Steven Arzt

Abteilungsleiter
Fraunhofer SIT | ATHENE
Germany
German, English