QSC24: Securing Your Supply Chain & Custom Apps | Open-Source Risks & Threat Management

In this session, Himanshu Kathpal, Sr. Director of Product Management at Qualys, and Theo Bowman, Information Security Engineer II at NCR Atleos, unpack the growing risks linked to open-source software and supply chain vulnerabilities. With recent high-profile breaches like Log4j and SolarWinds making headlines, it's clear that traditional vulnerability management tools often miss deeply embedded threats in custom business applications and third-party components. The session explores how Qualys Software Composition Analysis (SCA) helps organizations detect, prioritize, and remediate hidden risks in real time—before attackers can exploit them. You’ll also hear a firsthand account from NCR Atleos on implementing a proactive risk management strategy, and see a live demo of software risk detection and remediation in action. Have questions or need help? Reach out to us at [email protected] Key Insights: 🔹92% of organizations use open-source software, but 48% of codebases contain high-risk vulnerabilities. 🔹15% of data breaches in 2024 were linked to supply chain risks – a 68% increase from last year! 🔹Attackers are evolving, and traditional security tools often miss deeply embedded risks. _________________________________ Follow Qualys Online: X - https://x.com/qualys Linkedin -   / qualys   Youtube -    / @qualys   Vimeo - https://www.vimeo.com/qualys Website - https://www.qualys.com/ _________________________________ #CyberSecurity #SupplyChainRisk #OpenSourceSecurity #Log4j #ThreatDetection #RiskManagement #Qualys #AppSecurity #CyberThreats #VulnerabilityManagement