homepage
Menu
Open menu

From Dev to Deployment: Secure Your Supply Chain

Tailored for practitioners and team leaders, discover targeted resources to address the growing challenges of supply chain cybersecurity risks – find exactly what you need to strengthen your security posture against third-party risks.
Improve Visibility GapsAttend Upcoming ForumAccelerate Response TimeStrengthen Vendor SecurityEnhance ResourcesEnsure ComplianceEstablish Playbooks

Supply Chain Attacks Are Evolving – Are You?

245%
Increase in supply chain attacks from 2023 to 2024
79%
of organizations faced disruptions from third-party software breaches last year
$4.7M
Average cost of a supply chain attack in 2024 (USD)
90%
of software vendors must provide an SBOM by 2025 to comply with regulations

Improve Visibility of Supply Chain Risks

Limited visibility into your supply chain ecosystem increases the risk of costly disruptions, delays, and vulnerabilities. Explore related resources:
Webcast
Building and Scaling SBOM Programs: Navigating the Challenges for Effective Risk Management
Learn More
Training
SEC547: Defending Product Supply Chains
Focuses on SBOM driven risk assessments and vendor monitoring to uncover blind spots in your supply chain
Learn More
Training
SEC568: Product Security Penetration Testing - Safeguarding Supply Chains and Managing Third-Party Risk
Bridge the gap between security and procurement by learning how to test and validate third-party risks.
Learn More
Training
LDR553: Cyber Incident Management
Learn to identifying hidden vulnerabilities in software and hardware products.
Learn More
Webcast
Enhanced Vendor Risk Assessments: Maximizing Risk Reduction and Strengthening Vendor Relations
Learn More
Poster
Fortifying Resilience: An In-Depth Exploration of the Overall Product Security Assessment Poster
Learn More
Poster
Vendor Risk Assessment Matrix Cheat Sheet
Learn More
Poster
SBOM Maturity and Process Flow Cheat Sheet
Learn More

Supply Chain Cybersecurity Forum: Securing What You Don’t Control

June 26 | 9AM EDT | Live Online In this focused 3-hour forum, leading experts will share hands-on offensive and defensive strategies for securing the digital supply chain—from code to component—using proven tools, frameworks, and real-world insights. Whether you’re in the trenches dissecting firmware or leading enterprise risk discussions with executives and suppliers, this forum is designed to help you enhance your supply chain security.
View Agenda & Register

Implement Fast and Efficient Supply Chain Attack Response

When your supply chain is under attack, every second matters. A slow or ineffective incident response can lead to costly disruptions and lasting damage. Explore related resources:
Webcast
Supply Chain Compromises Pt. 1 | The Incident Commander Series Ep. 3
Learn More
Webcast
Supply Chain Compromises Pt. 2 | The Incident Commander Series Ep. 4
Learn More
Poster
CIMTK: Third-Party/Supply Chain Incident Management Plan Cheat Sheet
Learn More
Training
LDR553: Cyber Incident Management
Built for incident response — provides structured playbooks and cross-functional coordination for handling supply chain attacks.
Learn More
Webcast
Supply Chain Security Incident Response: Strategies for Responding to Emerging Threats
Learn More
Poster
Software Supply Chain Incident Response Cheat Sheet
Learn More
Training
SEC547: Defending Product Supply Chains
Offers hands-on labs for detecting threats from third parties and mitigating supply chain-specific attacks.
Learn More

Strengthen Your Weakest Links: Optimize Vendor Risk Assessments

Your security is only as strong as your least secure vendor. Transform fragmented assessments into a systematic strategy that scales with your business. Explore related resources:
Training
SEC547: Defending Product Supply Chains
Focuses on scalable vendor risk methodologies and continuous monitoring beyond onboarding.
Learn More
Poster
Vendor Risk Assessment Matrix Cheat Sheet
Learn More
Training
SEC568: Product Security Penetration Testing - Safeguarding Supply Chains and Managing Third-Party Risk
Bridge the gap between security and procurement by learning how to test and validate third-party risks.
Learn More
Webcast
Enhanced Vendor Risk Assessments: Maximizing Risk Reduction and Strengthening Vendor Relations
Learn More
Webcast
Building and Scaling SBOM Programs: Navigating the Challenges for Effective Risk Management
Learn More
Poster
Fortifying Resilience: An In-Depth Exploration of the Overall Product Security Assessment Poster
Learn More

Maximize Your Security Impact: Defend Supply Chains with Limited Resources

Even with constrained budgets and teams, you can reduce third-party risk. Explore practical tools and strategies to help you do more with what you have:
Training
SEC568: Product Security Penetration Testing - Safeguarding Supply Chains and Managing Third-Party Risk
Learn processes and hands-on techniques to test supply chain software and hardware.
Learn More
Webcast
Combating Supply Chain Attacks with Product Security Testing
Learn More
Training
SEC547: Defending Product Supply Chains
Offers hands-on labs for detecting threats from third parties and mitigating supply chain-specific attacks.
Learn More
Poster
SBOM Maturity and Process Flow Cheat Sheet
Learn More
Training
LDR553: Cyber Incident Management
Helps security leaders build more coordinated and efficient response efforts, improving team capability despite staffing or budget constraints.
Learn More
Webcast
What Hacking the Planet Taught Us About Defending Supply Chain Attacks
Learn More
Webcast
Seek Out New Protocols, and Boldly Hack Undetected
Learn More
Poster
Fortifying Resilience: An In-Depth Exploration of the Overall Product Security Assessment Poster
Learn More

Navigate Compliance with Confidence: Meet Evolving Regulatory Demands

As standards evolve and regulatory demands increase, staying compliant can feel overwhelming. Explore related resources to help you navigate complexity, meet requirements with confidence, and protect your organization from compliance gaps.
Training
SEC547: Defending Product Supply Chains
Explores how to meet SBOM-related regulatory requirements and build defensible compliance practices.
Learn More
Webcast
Navigating DORA and NIS2 Compliance for Financial Sector Organizations in the EU
Learn More
Training
LDR553: Cyber Incident Management
Prepares leaders to respond effectively to overlapping mandates and lead compliant incident response efforts.
Learn More
Webcast
Building and Scaling SBOM Programs: Navigating the Challenges for Effective Risk Management
Learn More
Poster
SBOM Maturity and Process Flow Cheat Sheet
Learn More
Poster
Overall Product Security - Assessment Poster
Learn More
Poster
DORA Resource Hub
Explore SANS Courses that can help to strengthen your supply chain to meet DORA Compliance.
Explore Here
Poster
NIS2 Resource Hub
Explore SANS courses that can equip you with the skills to secure your supply chain to meet NIS2 compliance.
Explore Here

Prepare for the Inevitable: Master Supply Chain Incident Response with Chain-Specific Playbooks

A supply chain breach is inevitable; your response doesn’t have to be improvised. Learn how to create chain-specific playbooks and explore other related resources:
Webcast
Supply Chain Security Incident Response: Strategies for Responding to Emerging Threats
Learn More
Training
SEC547: Defending Product Supply Chains
Learn how to detect and respond to threats originating from vendors or software dependencies.
Learn More
Poster
Software Supply Chain Incident Response Cheat Sheet
Learn More
Webcast
3CX Supply Chain Attack - What You Need to Know!
Learn More
Training
LDR553: Cyber Incident Management
Develop dedicated playbooks for third-party and supply chain compromise response.
Learn More
Poster
CIMTK: Third-Party/Supply Chain Incident Management Plan Cheat Sheet
Learn More