Typosquatting and software supply chain security

02/02/2023

In this lesson, Matt dives into typosquatting, an attack in which malicious actors will copy and slightly misspell the names of legitimate software packages. As a result of the speed of DevOps and human error, these typosquatted packages get downloaded, causing software supply chain attacks. 

Keep learning

• Related ReversingGlass: DNA of an app
• Special: The State of Supply Chain Security
• See the Forrester SCA Landscape Report
Matt Rose

About Author: Matt Rose

Field CISO at ReversingLabs. Matt Rose has an extensive background in application security, object-oriented programming, multi-tier architecture design and implementation, and internet/intranet development. His areas of expertise include Application Security, SAST, DAST, IAST, SCA, DevSecOps, and Threat Modeling. Matt is an accomplished public speaker and has been quoted in 50+ AST industry media publications.

Related episodes

Artificial Intelligence (AI)/Machine Learning (ML)

ReversingGlass: EO on AI: What security teams need to know

ReversingGlass

Shift Up Your SBOM

Artificial Intelligence (AI)/Machine Learning (ML)

AI and Application Security: Proceed with Caution

ReversingGlass

What the heck is an SBOM?

ReversingGlass

What is ReversingGlass?

Subscribe

Sign up now to receive the latest weekly
news from ReversingLabs

Get Started
Request a DEMO

Learn more about how ReversingLabs can help your company reduce attack surface risks with deep software and file threat analysis to speed release and response. 

REQUEST A DEMO