Seven City Digital Tour Provides Lessons Learned from SolarWinds Software Supply Chain Attack, Best Practices and Software Assurance Solutions
CAMBRIDGE, Mass., May 12, 2021 - ReversingLabs, the leading provider of explainable threat intelligence and software assurance solutions, today announced REVERSING2021, a seven-city digital, global roadshow series. Addressing Fortune 500 business concerns, this virtual series will provide the supply chain analysis of the SunBurst compromise, while offering attendees new approaches and immediate actions they can take to mitigate future unknown software supply chain attacks. Full details including dates and how to register can be found at ReversingLabs.
“The SunBurst attack provided costly insights into the power of the next generation of attacks that thrive on access, sophistication and patience,” said Mario Vuksan, CEO and Co-Founder, ReversingLabs. “Our team led the charge in dissecting the supply chain portion of this incident and introducing new approaches that businesses can use to detect and prevent future software supply chain attacks. Through this roadshow, our experts will help attendees better understand the anatomy of a supply chain attack and receive prescriptive recommendations to stop this kind of compromise.”
New data from a recent survey of security professionals on 2021 cybersecurity priorities conducted by ReversingLabs reveals that 52 percent of respondents believe their organization needs to protect against new digital risks like software supply chain attacks. REVERSING2021 is ideal for chief information security officers (CISOs), risk officers, and DevSecOps and application security teams from Fortune 500 businesses who are interested in hearing from experts about the latest approaches for mitigating these kinds of attacks.
“For companies that operate valuable businesses or produce software critical to their customers, inspecting software and monitoring updates for signs of tampering, malicious or unwanted additions, whether by insiders or outsiders, must be part of the risk management process,” said Chief Software Architect, Threat Research Lead and Co-Founder at ReversingLabs, Tomislav Pericin. Pericin was one of the first industry experts to shine light on the SolarWinds attack. His insights were shared in a blog titled, “SunBurst: the next level of stealth.” The article details the evolution of the attack on the build system and provides “how to secure what you build, and verify what you buy” insights that teams can put into practice to detect and prevent similar attacks.
REVERSING2021 discussions will feature insights from Pericin, who will share key lessons learned from the SunBurst compromise and introduce a set of supply chain security best practices designed to protect companies from being impacted. Pericin will also provide a software assurance product walkthrough to clearly demonstrate how attendees can put these practices into action.
ReversingLabs Managed Software Assurance Service
REVERSING2021 attendees will also have the opportunity to preview the ReversingLabs Software Assurance Service, now available as part of the ReversingLabs early adopters program. The service provides advanced analysis of in-house developed or third-party software packages as an on-demand service. Using a secure channel to ReversingLabs, customers upload the software packages they need analyzed, and ReversingLabs analyzes and interprets them and provides guidance.
The ReversingLabs Managed Software Assurance Service will deliver:
- Seamless and frictionless process to upload software packages for recurring analysis
- Deep inspection for malware and post-exploitation vulnerability presence through recursive package decomposition, extracting all possible components for advanced analysis
- Software grading based on code signing process and application hardening using software vulnerability mitigation techniques
- Analysis report describing a full and validated software bill of materials, software quality metrics, malicious behavior and explainable insights tracked across software versions
- An audit report in both machine-readable and human-readable formatting for all embedded files
- Designated ReversingLabs research analyst to verify whether software is fit for its purpose and safe to put in production
REVERSING2021 will take place virtually in seven cities this summer with each event catered to security professionals in San Francisco, Chicago, Atlanta, Washington D.C., New York, Boston, and London. Each session will be followed by a virtual wine and whiskey tasting. Full details including dates and how to register can be found at ReversingLabs.
ReversingLabs helps teams responsible for securing operations and protecting the software supply chain to identify, detect and respond to the latest attacks, advanced persistent threats and polymorphic malware by providing explainable threat intelligence into destructive files and objects.
ReversingLabs technology is used by the world’s most advanced security vendors and deployed across all industries searching for a better way to get at the root of the web, mobile, email, cloud, app development and supply chain threat problem, of which files and objects have become major risk contributors.
ReversingLabs Titanium Platform provides broad integration support with more than 4,000 unique file and object formats, speeds detection of malicious objects through automated static analysis, prioritizing the highest risks with actionable detail in only .005 seconds. With unmatched breadth and privacy, the platform accurately detects threats through explainable machine learning models, leveraging the largest repository of malware in the industry, containing more than 10 billion files and objects. Delivering transparency and trust, thousands of ‘human readable’ indicators explain why a classification and threat verdict was determined, while integrating at scale across the enterprise with connectors that support existing open-source developer libraries, SIEM, SOAR, threat intelligence platform and sandbox investments, reducing incident response time for SOC analysts, while providing high priority and detailed threat information for both developers and hunters to take quick action.
Doug Fraim, Guyer Group