Gartner® Recognizes Spectra Assure in 2025 Market Guide for Software Supply Chain Security
Read Now
The 2025 Software Supply Chain Security Report
Read Annual Report
Looking for an alternative to VirusTotal? We've got you covered.
Learn More
Educational Series

Software Package Deconstruction

Analyzing Risks To Your Software Supply Chain

Software Package Deconstruction

About the Series

In each episode of our application security series we will deconstruct, analyze, and expose hidden risks inside some of the largest most complex software packages. App Sec and Dev Teams will see our Software Supply Chain Security platform in action and how it provides teams with new found confidence and the ability to make Go/No Go software release decisions based on the most comprehensive view of software risk in the industry.
Software-Package-Deconstruction-

Deconstructing Video Conferencing Software: GoToMeeting & BlueJeans

GoToMeeting and BlueJeans Meet are two popular video conferencing tools, relied on by organizations of all sizes for global communication. But what threats and risks are lurking beneath the code? How are these standard tools impacting an enterprise's security posture? What does the code tell us about the build quality and risk profile?

In this episode, Tim Stahl deconstructs these video conferencing tools, exposing the threats hidden within, and discusses how your organization can address these potential threats.

Watch Episode
VPN Software Deconstruction

Deconstructing Enterprise VPNs: SonicWall, Check Point & OpenVPN

Knowing how your VPN tools are constructed, whether they exhibit any suspicious functionality, contain vulnerabilities and outdated components, or represent a risk to the data they are meant to protect is critical. Trust but verify! 

Watch as Tim Stahl  deconstructs these common tools, exposing the threats hidden within, and discusses how your organization can address these potential threats.

Watch Episode
Reducing-False-Positives-in-the-SOC-with-Software-Analysis Deconstruction Series

Reducing False Positives in the SOC through Software Analysis

On Demand
Software supply chain analysis can reveal important information that security teams can leverage to tune detections across security solutions before deploying new software. Preventing false positives, and time wasted doing investigations related to expected application behaviors (EDR detections) and network traffic elements, can save significant resources for today’s overworked security teams.
 
Watch Episode
Software-Package-Deconstruction-Docker-Desktop-1400x732

Deconstructing Docker Desktop Software Package

On Demand | Presented on July 13, 2023
In this episode, Tim will take a look at one of the most popular container related applications: Docker Desktop. Container security involves more than containers... it encompasses the tools used to create and manage them. The tools used for any type of development, security or administration functions are often overlooked elements of an enterprise's attack surface.
 
Watch Episode
Software-Package-Deconstruction-Crypto-Wallet-1280x720

Deconstructing Crypto-Wallet Software Packages

On Demand | Presented on June 22, 2023
In this episode, Tim will leverage several software supply chain analysis concepts to perform comparisons across similar crypto-wallet software packages, highlighting the risks and threats from within the packages to everyday users. These elements can be used to assess a vendor's overall “build quality” and the level of risk inherent in their software pipeline across products.
 
Watch Episode
next ›

Special Reports

The 2025 Software Supply Chain Security Report

The 2025 Software Supply Chain Security Report

Software supply chain attacks are an increasingly popular tool for malicious actors. And the rapid embrace of AI and machine learning (ML) tools is introducing new supply chain risks. Here's what your organization needs to know.

March 12, 2025