Strengthening the detection of software supply chain attacks
Resources center

Strengthening the detection of software supply chain attacks

Over the last 12 months, supply chain attacks have grown four-fold with threat actors focusing their efforts on three main vectors to conduct supply chain attacks: (i) finding and exploiting software, service flaws, and dependencies; (ii) using backdoor open-source software code to distribute malware; (iii) and poisoning binary artifact repositories.

But what is driving the rapid explosion of supply chain attacks?

Supply chain attacks offer threat actors stealthy, scalable, and privileged access to any organization’s on-premises, cloud, or hybrid environment:

  1. Stealthy, because components of a software supply chain attack can often bypass traditional security controls using privileged access, application exclusions, and zero-day exploits.
  2. Scalable, because poisoning a supply chain vendor can affect numerous downstream customers.
  3. Privileged, because customers of supply chain vendors often rely on the vendor’s management software for their business operations. Zero-day exploits in those management software platforms can easily allow untrusted code to be executed from a trusted source.

Get the resource:

Please enter a valid email address

Please enter a first name

Please enter a last name

Please enter a company name

Please select a country

  1. Consent to Collection and Use of Personal Information
    • Items to be Collected
      • Name, Company Name, Title/Position, Email address, and Phone number
    • Purpose of Collection and Use
      • To deliver marketing communications (1:1 or broad-based), including by direct mail and email
      • To analyze prospective sales opportunities
    • Period of Retention and Use
      • For existing customers: Duration of existing customer relationship plus 7 years
      • For prospective customers: 3 years
    • Right to Refuse Consent and Disadvantages from Refusal of Consent
      • You have the right to refuse the collection and use of your personal information as set forth above. However, please note that if you choose not to provide your consent, you may not be able to receive certain useful information from Sumo Logic.
  1. Consent to Provision of Personal Information to a Third Party
    • Recipient Name
      • Sumo Logic Singapore Private Limited, Korea Branch
        22F, Office #22-102, 83, Uisadang-daero, Yeongdeungpo-gu
        Seoul, Korea 07325
      • Contact us: https://sumologickorea.com/contact-us/
    • Items to be Provided
      • Name, Company Name, Title/Position, Email address, and Phone number
    • Purpose of Use
      • To deliver marketing communications (1:1 or broad-based), including by direct mail and email
      • To analyze prospective sales opportunities
    • Period of Retention and Use
      • Until the purposes of provision are achieved, but for no longer than [5] years from the date of personal information provision
    • Right to Refuse Consent and Disadvantages from Refusal of Consent
      • You have the right to refuse the provision of your personal information to a third party. However, please note that if you choose not to provide your consent, you may not be able to receive certain useful information from Sumo Logic.
  1. Consent to Receive Marketing Information
    • Sumo Logic, Inc. and the Korea Branch of Sumo Logic Singapore Private Limited would like to send you information about our products, services, events, and promotions through various channels such as email, mobile phone, and messaging apps.
More Resource
Explore More!
Explore more Sumo Logic Resource
Briefs
Market Guide for Log Monitoring and Analysis
Briefs
Sumo Logic Threat Intelligence
Briefs
Sumo Logic’s Mo Copilot speeds up response