<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=1076912843267184&amp;ev=PageView&amp;noscript=1">

RL Blog


Rethink your SOC to defend against software supply chain attacks

Carolynn van Arsdale
Blog Author

Carolynn van Arsdale, Writer, ReversingLabs.


Software supply chain attacks are on the rise, and a severe threat. Enterprises aiming to reduce risk need to rethink their SOC. Here's how to get started.

Software supply chain attacks just won’t quit. These attacks, spanning over decades, have only become more complex and devastating to software dependent organizations. If the number of attacks doesn’t cause enough alarm, researchers at ReversingLabs have recently discovered new software supply chain risks, such as overpowered third-party plugins, weak software integrity validation, package repository risks, and more.

ReversingLabs Reverse Engineer Karlo Zanki recently discovered a new software supply chain attack: IconBurst, which marks a new trend of less sophisticated attackers taking advantage of slack security measures. In other words, the case for paying attention to software supply chain risk has never been stronger. 

While it may seem fitting to place the responsibility of securing software on development teams, don't forget that the buck stops on defending the software supply chain risk with  Security Operations Centers (SOCs). SOCs are the last line of defense for an organization, and that is why organizations, especially ones serving critical infrastructure, need to rethink the mission of their SOCs to make defending the software supply chain a top priority. 

If major enterprises begin to rethink the role of the SOC, their organizations will become more resilient to software supply chain risks. This means ensuring that the SOC has a holistic view of a company’s infrastructure. This view should include a comprehensive understanding of the software development lifecycle, CI/CD workflows, the possibility of software tampering, and more. This will allow SOCs to feel more prepared and knowledgeable about what kinds of threats are coming their way.

Enterprises should also reimagine the relationships between their internal defensive teams that all tackle such threats. Rather than looking at the work of dev teams, IT teams, and SOCs as separate, organizations should instead foster communication and collaboration between these teams, giving their institution the highest quality of defense. This communal understanding will better prepare organizations in managing the risks that come their way.

Software supply chain attacks remain an invisible threat to enterprises. If your  organization is curious about how to rethink your SOC in the age of software supply chain attacks, learn more in our webinar replay: The Hole in Your SOC: Software Supply Chain Risks.

The conversation features Edward Amoroso, Founder and CEO of TAG Cyber, Greg Crabb, Founder of 10-8, and Scott Lambert, VP of Threat Intelligence at ReversingLabs. The expert group will discuss the complex and timely challenge of evolving enterprise SOC management strategies, and frame the discussion to aid enterprise executives, sharing the recent history of software supply chain attacks, what software risks remain at large, and what the SOC’s role is in defending the software supply chain.

[ Get key takeaways from a survey of 300+ professionals on software security. Plus, download the full report: Flying Blind: Firms Struggle to Detect Software Supply Chain Attacks ]

Explore RL's Spectra suite: Spectra Assure for software supply chain security, Spectra Detect for scalable file analysis, Spectra Analyze for malware analysis and threat hunting, and Spectra Intelligence for reputation data and intelligence.

More Blog Posts

    Special Reports