Sign up now
Schedule
Want to stay in the loop?
Sign up for our newsletter.
Explore the hidden risks of open-source software at the Cyber Solutions Fest: Spring. While open source has revolutionized modern application development, its reliance on volunteer-driven code introduces significant security vulnerabilities. This session will dive into how supply chain attacks, like the CodeCov incident and malicious packages on npm and PyPi, are exploiting these weaknesses. Attendees will gain insights into how to integrate open-source supply chain security into their threat modeling processes, ensuring safer development practices. Learn about attack vectors, practical defenses, and strategies to bolster your security posture from day one of development.
Join us to understand the evolving landscape of open-source risks and how to mitigate them effectively.
Sign up for our newsletter.
Integrate Microsoft Defender for Cloud with Endor Labs for reachability analysis and attack path visibility — available natively within the Defender for Cloud console. Prioritize what to fix without switching tools.
Click to read
The Cyber Resilience Act (CRA) sets mandatory security requirements for hardware and software. This blog covers key compliance objectives, challenges with OSS vulnerabilities, and best practices for maintaining security throughout the product life cycle.
Click to read
Get key insights from the 2024 Dependency Management webinar with Darren Meyer and Henrik Plate. We discuss how to prioritize vulnerabilities, navigate breaking changes, and leverage public vulnerability databases effectively.
Click to read
This blog covers key steps to simplify FedRAMP vulnerability management, helping you reduce risks and meet compliance timelines. It also provides practical tips to empower developers and streamline fixes for a smoother FedRAMP process.
Click to read
GitHub Actions are open source dependencies - secure them accordingly! Learn how to effectively manage the security risks associated with GitHub Actions with a proactive approach focusing on three key areas: visibility, hardening, and dependency management.
Click to read
Lightsaber Stunt Training Series - Europe
Click to view
Innovate Cybersecurity Summit - Nashville
Click to view
Innovate Cybersecurity Summit, Scottsdale
Click to view