How Dependency Confusion Threatens the Software Supply Chain

Speakers: Matt Austin, Pauline Logan, Patrick Spencer


Matt Austin, Director of Security Research, Contrast Security
Pauline Logan, Product Manager, Contrast OSS
Patrick Spencer, Ph.D., Editor in Chief, Inside AppSec Podcast

New open-source dependency confusion vulnerability poses serious risk if not detected and remediated.

Discover how a new dependency confusion vulnerability can wreak havoc and create widespread risk across the software supply chain. Unlike traditional typosquatting attacks, dependency confusion offers bad actors a vector that requires no action by the victim.

This moderated webinar session covered:

  • How the dependency confusion vulnerability was found and what software is at risk
  • How dependency confusion attacks could stealthily manipulate application source code, as happened with the SolarWinds Orion attack
  • What this means in terms of risk exposure for the software supply chain
  • How Contrast developed a capability within Contrast OSS to detect dependency confusion vulnerabilities



On Demand Webinar