How Dependency Confusion Threatens the Software Supply Chain

Speakers: Matt Austin, Pauline Logan, Patrick Spencer

New open-source dependency confusion vulnerability poses serious risk if not detected and remediated.

Discover how a new dependency confusion vulnerability can wreak havoc and create widespread risk across the software supply chain. Unlike traditional typosquatting attacks, dependency confusion offers bad actors a vector that requires no action by the victim.

This moderated webinar session covered:

  • How the dependency confusion vulnerability was found and what software is at risk
  • How dependency confusion attacks could stealthily manipulate application source code, as happened with the SolarWinds Orion attack
  • What this means in terms of risk exposure for the software supply chain
  • How Contrast developed a capability within Contrast OSS to detect dependency confusion vulnerabilities
