Talk
Intermediate

When AI Weaponizes Your SBOM

Approved

According to a recent study, 85% of the code we deploy comes from open-source dependencies. With this in mind, attackers are targeting vulnerabilities in open-source libraries.
So we need to know which libraries are imported into our codebase. An SBOM (software bill of materials) is the way to keep track of all components used in a project.

However, as regulations make SBOM sharing mandatory, attackers are increasingly using AI to weaponize this data and accelerate exploitation.

This session explains how SBOMs are analyzed by AI to identify high-impact vulnerabilities and generate targeted attacks. Through real-world incidents, attendees will understand the impact of AI on software supply chain attacks.

The talk also covers secure SBOM generation, controlled sharing, and implementing a supply-chain firewall.
I will also show a live demo of an AI agent that takes an SBOM as input and provides the exploits to attack the application.

Secure your software supply chain by implementing tools like CycloneDX and Dependency-Track.

Use AI in defensive mode to stay ahead of attackers.

Introducing a FOSS project or a new version of a popular project
Engineering practice - productivity, debugging
