Supply Chain Protection: Stop Remote Code Execution During Runtime

  • Thursday, 04 Mar 2021 1:00PM EST (04 Mar 2021 18:00 UTC)
  • Speakers: Dave Shackleford, Satya Gupta

The SolarWinds supply chain attack took everyone by surprise, exposing a bare belly across government entities, infrastructure and enterprises alike. It was a brutal security failure: defenders relied on perimeter tools, threat hunting and prior knowledge to stop an attack, only to find that these tools were powerless to identify and stop a Remote Code Execution (RCE) exploit. The attack surface has grown exponentially, and workloads are the main target.

The SolarWinds attack exposed a giant, gaping hole in the supply chain and cybersecurity as a whole. Just how vulnerable are we? Organizations, institutions, governments, enterprises and critical infrastructure alike have been reeling from this remote code execution exploit, a type of runtime attack that until now has only existed on the periphery.

Existing security tools are not sufficient to secure the supply chain, namely because the most sophisticated attacks are occurring at runtime, a notorious blind spot in organizations. Conventional security tools are not instrumented to detect exploits in memory and do not provide any visibility into runtime. More importantly, they do not provide runtime protection, so evasive attacks that proliferate at the memory level often go undetected for days, months, or even years.

Endpoint protection, perimeter and threat hunting tools won't identify unique malware that already exists in a system. Therefore, effective protection and defense against sophisticated and evasive remote code execution attacks requires new tactics and new tools.

Satya Gupta, CTO and Co-Founder of Virsec, provides detailed technical analysis on remote code execution vulnerabilities in the supply chain. See how the culprits infiltrated and deposited a backdoor into the well-protected SolarWinds software infrastructure, and then into the systems of tens of thousands of users in the SolarWinds supply chain. Watch a live demonstration of the technology that stops remote code execution in its tracks, learn how to identify and prevent these attacks in your own infrastructure, and get best practices to protect your workloads against future or ongoing supply chain attacks.