Typosquatting and software supply chain security

In this lesson, Matt dives into typosquatting, an attack in which malicious actors will copy and slightly misspell the names of legitimate software packages. As a result of the speed of DevOps and human error, these typosquatted packages get downloaded, causing software supply chain attacks.

Keep learning

Field CISO at ReversingLabs. Matt Rose has an extensive background in application security, object-oriented programming, multi-tier architecture design and implementation, and internet/intranet development. His areas of expertise include Application Security, SAST, DAST, IAST, SCA, DevSecOps, and Threat Modeling. Matt is an accomplished public speaker and has been quoted in 50+ AST industry media publications.

Typosquatting and software supply chain security

SCA Is Good. SSCS Is Better.

Reproducible Builds: Graduate Your Application Security

Spectra Assure Free Trial

Related episodes

Typosquatting and software supply chain security

SCA Is Good. SSCS Is Better.

Reproducible Builds: Graduate Your Application Security