Open Source, Supply Chain Attacks and AI: The Risks and Challenges Ahead – Loreli Cadapan, ActiveState

July 20, 2023

First, everyone uses open source, and that is not going to change. The AST toolset is simply not built to address supply chain attacks, so leaving your pre-build process to chance is a disaster waiting to happen. Second, hackers KNOW that tracking open source components and providing provenance/attestations is difficult. That makes typosquatting and other common vectors even more appealing to target. And third, AI will undoubtedly improve the creation of simple apps, but it will also enable smarter hacks.

Guest(s): Loreli Cadapan
Categories: Interviews