DiscoverConversingLabs PodcastCan Frameworks Stop Supply Chain Attacks?
Can Frameworks Stop Supply Chain Attacks?

Can Frameworks Stop Supply Chain Attacks?

Update: 2025-12-04
Share

Description

In this episode of ConversingLabs Podcast, host Carolynn van Arsdale welcomes North Carolina State University Professor Laurie Williams and Ph.D. student Sivana Hamer to discuss their team’s research on the effectiveness of software supply chain security (SSCS) frameworks. Their study, “Closing the Chain,” (PDF) found that software products would still be vulnerable to attacks like SolarWinds, Log4j and XZ Utils – even if they fully enforced 10 well-known SSCS frameworks published by government, industry, academia and open source.

Comments 
loading
In Channel
Can Frameworks Stop Supply Chain Attacks?

Can Frameworks Stop Supply Chain Attacks?

2025-12-0443:41

The State of Vulnerability Management

The State of Vulnerability Management

2025-11-0552:42

Who Will Maintain Open Source’s Future?

Who Will Maintain Open Source’s Future?

2025-10-1424:07

Security Badging Open-Source Projects

Security Badging Open-Source Projects

2025-08-2132:44

Aviation Has A Software Problem

Aviation Has A Software Problem

2025-07-1042:32

The Threat of Package Hallucinations

The Threat of Package Hallucinations

2025-07-0143:26

Going Back to Basics to Thwart Attacks

Going Back to Basics to Thwart Attacks

2025-05-0835:37

AppSec Girl Power

AppSec Girl Power

2025-04-1051:00

Cybersecurity's Double-Edged Sword

Cybersecurity's Double-Edged Sword

2025-03-2601:00:35

The Evolution of Threat Intel

The Evolution of Threat Intel

2025-03-1740:34

Hackers Hacking Hackers

Hackers Hacking Hackers

2024-10-0139:06

The Past, Present & Future of SBOMs

The Past, Present & Future of SBOMs

2024-09-1033:59

Is Cybersecurity Ready for the SolarWinds Prosecution?

Is Cybersecurity Ready for the SolarWinds Prosecution?

2024-05-2227:01

Chinese APT Group Exploits SOHO Routers

Chinese APT Group Exploits SOHO Routers

2024-04-0322:46

Securing Medical Devices with SBOMs

Securing Medical Devices with SBOMs

2024-03-2732:52

The LockBit Takedown: What We Know

The LockBit Takedown: What We Know

2024-03-1519:50

The State of Software Supply Chain Security 2024

The State of Software Supply Chain Security 2024

2024-02-2826:21

The State of Open Source Software Security

The State of Open Source Software Security

2023-10-0527:56

Apple Devices as a Growing Attack Vector

Apple Devices as a Growing Attack Vector

2023-09-2707:33

The Art of Security Chaos Engineering

The Art of Security Chaos Engineering

2023-09-2012:22

loading
Google Play
Download from Google Play
Castbox
Download from App Store
usUnited States
00:00
00:00
1.0x

0.5x

0.8x

1.0x

1.25x

1.5x

2.0x

3.0x

Sleep Timer

Off

End of Episode

5 Minutes

10 Minutes

15 Minutes

30 Minutes

45 Minutes

60 Minutes

120 Minutes

Can Frameworks Stop Supply Chain Attacks?

Can Frameworks Stop Supply Chain Attacks?

ReversingLabs