Combating Supply Chain Attacks with Product Security Testing

Supply chain attacks go unnoticed on average for 235 days and do more damage as a result of us not having a deep understanding of the products being used on a network. Product security testing helps obtain a comprehensive understanding of how choosing to use a particular product in your organization can affect your threat model and risk posture. This makes product security testing vital in preparing your organization to defend and reduce the impact of software supply chain attacks.

Join SANS authors and instructors Doug McKee and Ismael Valenzuela in this live session to learn how in-depth security testing of products can be a game-changer in bolstering organizational defenses. Drawing upon the content and insights from the new SANS SEC568 course, participants will be introduced to:

The different types of supply chain attacks and the intrinsic risks associated with introducing software and hardware products in your environment.

The methodologies and techniques used in product security testing across diverse platforms, including desktop, mobile, and hardware devices.

The benefits of combining offensive tactics with a defensive mindset, aka 'Think Red, Act Blue'.

Real-world case studies that shed light on successful mitigation strategies and lessons learned from past supply chain breaches.