Restoring Trust in Open Source: Strategies for a Secure Supply Chain

Attackers are shifting their focus from source code to the software components that move through package managers and automated pipelines, creating new risks across the supply chain. This webinar examines why imported dependencies have become a prime target and how gaps between development and deployment are being exploited. Drawing on findings from the INCD report "Breaking the Chain," the session explains where traditional application security falls short and why end to end protection is now essential.

The discussion breaks down the most common supply chain attack techniques, including dependency confusion, typosquatting and newer AI driven abuse. It also explains how organizations can go beyond basic shift left practices by combining pipeline visibility with deeper binary security controls. Attendees will leave with practical guidance on building a more resilient software supply chain and reducing exposure to modern component based attacks.