Training
Featured CourseView All Courses
Get a free hour of SANS training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
Cloud Security Training, Courses, and Resources
Can't find what you are looking for?

Let us help.

Contact us
Community Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely.

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Talk With an Expert
Talk With an Expert

Supply Chain Cybersecurity Forum

  • Thu, Jun 26, 2025
  • 9:00AM - 12:00PM UTC
  • English
  • Douglas McKee & Tony Turner
  • Technical Presentation
Login to register
Webcast Hero

Beyond the Perimeter: Securing What You Don’t Control 

As software and hardware supply chains grow more complex and globally interconnected, they have also become prime targets for attackers. From deeply embedded vulnerabilities in third-party components to subtle software compromises and counterfeit hardware, today’s supply chain threats are stealthy, sophisticated, and increasingly difficult to detect. 

Join us for a focused 3-hour forum where experts and practitioners tackle one of cybersecurity’s most pressing challenges: how to secure the digital supply chain from code to component

This forum brings together offensive and defensive insights from the field — grounded in hands-on experience — to equip you with practical strategies, tools, and frameworks to: 

  • Identify and mitigate hidden risks introduced by third-party software and hardware 
  • Conduct technical product security testing and risk analysis at scale 
  • Perform static firmware analysis and deconstruct proprietary protocols 
  • Evaluate vendors and technologies using SBOMs and modern risk methodologies 
  • Build a mature, resilient supply chain risk management program 
  • Engage with key stakeholders to align procurement, contracting, and security goals 

Whether you’re in the trenches dissecting firmware or leading enterprise risk discussions with executives and suppliers, this forum is designed to help you enhance your supply chain security

Agenda

9:00 AM – 9:10 AM - Welcome & Opening Remarks Doug McKee & Tony Turner

9:10 AM – 9:45 AM - Know Your AI: Scanning the Hidden Layers of Open Source Models with w/ Kasimir Schulz

10:20 AM – 10:30 AM - Break

10:30 AM – 11:05 AM - Beyond the SBOM: Advancing Transparency with the BOM Maturity Model w/ Steve Springett

11:05 AM – 11:40 AM - Unseen and Unsecured: Firmware Attacks Expanding the Enterprise Attack Surface w/ Paul Asadoorian

11:40 AM – 12:00 PM - Closing Remarks

Join the forum discussion on Slack.

Who Should Attend: Security engineers, product security professionals, PSIRT teams, risk managers, incident responders, SOC analysts, and cybersecurity leaders responsible for securing their organization’s technology stack and third-party ecosystems.

Meet the speakers

Douglas McKee

Douglas McKee

Executive Director of Threat Research

Douglas McKee, Executive Director of Threat Research at SonicWall, revolutionized cybersecurity by spearheading the detection of over 210,000 novel malware variants and pioneering real-time threat intelligence that accelerates defense responses.

Learn more
Tony Turner

Tony Turner

VP, Product

Tony Turner has reshaped critical infrastructure security by advancing SBOM maturity and Cyber-Informed Engineering, while pioneering adversarial AI simulations and digital twin technologies as VP at Frenos.

Learn more