
Surging Supply Chain Attacks: Risks and Defenses

Sharan Hiremath of JFrog on Navigating the Rising Tide of Supply Chain Attacks
Sharan Hiremath, senior product manager, JFrog

As supply chain attacks continue to evolve and proliferate, there is a critical need for organizations to fortify their defenses. Sharan Hiremath, senior product manager at JFrog, emphasized the importance of proactive measures, including educating developers, using reputable tools, and adopting software composition analysis to safeguard against the growing menace of supply chain vulnerabilities.


He highlighted the omnipresence of open source in today's software landscape and emphasized its vulnerability as a prime target for attackers seeking widespread impact.

"It's no secret that open source is a force multiplier. Eighty percent to 90% of the code is actually open source. Attackers have realized that it's easier to go after open-source packages and software in the wild because you can have a greater impact on the number of attacks," Hiremath said.

In this video interview with Information Security Media Group at Black Hat Europe 2023, Hiremath also discussed:

  • How software bills of materials or SBOM standards, such as CycloneDX and SPDX, enhance visibility into software dependencies;
  • The rapid adoption of faster release cycles in business operations and how it heightens vulnerabilities in supply chain management;
  • The importance of collaboration between security teams and developers.

Hiremath has strong technical experience in delivering innovative solutions for the enterprise security market. He has expertise in establishing product specifications, competitive analysis and market positioning with a focus on real customer needs.


About the Author

Tony Morbin

Executive News Editor, EU

Morbin is a veteran cybersecurity and tech journalist, editor, publisher and presenter working exclusively in cybersecurity for the past decade – at ISMG, SC Magazine and IT Sec Guru. He previously covered computing, finance, risk, electronic payments, telecoms, broadband and computing, including at the Financial Times. Morbin spent seven years as an editor in the Middle East and worked on ventures covering Hong Kong and Ukraine.



