Loading…
CanSecWest 2022 has ended
Back To Schedule
Friday, May 20 • 09:00 - 10:00
Securing the 3rd Party Software Life Cycle

Log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Supply chain attacks have been on the rise in the past two years and are proving to be common and reliable attack vectors that affect all consumers of software. Securing an organization from third party software attacks is quite complicated, with numerous threats along the software lifecycle from Selection? Choice of Third Party Software, Deployment, Updates and finally Retirement. While point-in-time assessments help in uncovering risk before the software is selected, its practically impossible to review all solutions beforehand and these point in time assessments cannot withstand the continuous feature enhancements or updates a software may go through in its lifetime. There is no comprehensive end-to-end framework that defines both how to mitigate threats across the software supply chain and provides reasonable security guarantees. There is an urgent need for a solution in the face of the eye-opening, multi-billion-dollar attacks in recent times.

In this talk we are going to present our proposed solution - Securing the 3rd Party Software Life Cycle, an end-to-end framework for ensuring the security of third-party software throughout its lifecycle.

Speakers
KN

Kesav Nimmagadda

Senior Security Program Manager, Microsoft
Kesav leads the operations and strategy for Software Supply Chain Security Assurance program and works with various engineering teams at Microsoft to ensure they are aligned with Microsoft’s security strategy.  Kesav is passionate about solving the software supply chain security... Read More →
NS

Neha Shukla

Sr Security Program Manager, Microsoft
Neha leads the Software Supply Chain Security Assurance program and works with various engineering teams at Microsoft to ensure they are aligned with Microsoft’s security strategy.  Neha is passionate about solving the software supply chain security problem for Microsoft and share... Read More →


Friday May 20, 2022 09:00 - 10:00 PDT
Main CanSecWest Ballroom - Sheraton Wall Center 1000 Burrard St, Vancouver, BC V6Z 2R9