Source: Devops Israel
How to Avoid the ‘Dependency Confusion’ Software Supply Chain Hack!!!
Please register for the webinar here: http://w.prodops.io/MayWebinar
Revealed this month: 35 global technology companies were hacked via the ‘dependency confusion’ method. Here’s what you can do to protect against future attacks.
When an ethical hacker announced he’d successfully breached the vulnerable software supply chains of 35 technology companies, including Apple, Microsoft and Netflix, it came as no surprise to Sonatype.
Our research team detected over 300 suspicious packages (Alex Birsan’s research efforts) back in 2020. We added the components to our data, alerted the community, and have been actively protecting customers since.
By taking advantage of a novel concept known as ‘dependency confusion’, aka ‘namespace confusion’, Birsan pushed his research packages downstream, in an automated fashion, into the development environments of multinational technology companies. The method he described is now widely deployed by other actors, with 1444% growth in similar packages in the week after he published his findings.
In this webinar, we invite Ax Sharma, Security Researcher and Advocate, and Ilkka Turunen, Field CTO, to walk through the events that led to the breaches, why this particular method of software supply chain attack is so simple and yet so effective, and what you can do about it to avoid exposure in the future.
Ethical hacking: why organisations can pay upwards of $100k a breach
How Sonatype detected and protected
Clear steps on how to avoid future attacks