Malicious open-source components threatening digital infrastructure

A new risk emerges in the digital era, where open-source software has become a fundamental pillar in developing innovative applications. The threat? Malicious open-source components.

In this Help Net Security video, Henrik Plate, Lead Security Researcher at Endor Labs, discusses the dual-edged nature of open-source software. While it has long been celebrated for its collaborative nature and rapid evolution, it also unwittingly presents an avenue for cybercriminals to exploit unsuspecting users. The issue of malicious components embedded within these open-source libraries is escalating. This trend poses a significant risk to global cybersecurity.

Henrik is an experienced software developer. His current research focuses on the security of software supply chains, including the detection, assessment, and mitigation of dependencies with known vulnerabilities and malicious open-source components.