EVENT THEME:
Hard lessons to be learnt from the SolarWinds attack

Hosted By

Date: Wednesday, 17th March 2021

Time: 2pm – 3pm (AEDT)

Location

Australia & New Zealand

Synopsis and overview of the session

On Dec 11 2020, the SolarWinds Orion security breach, a.k.a. SUNBURST, impacted numerous U.S. government agencies, business customers and consulting firms. Hackers managed to plant a backdoor in the SolarWinds system which is widely used across both Government and Private organizations. The malicious software looked legitimate because it was signed using the SolarWinds certificate. This is known as a supply-chain attack because it infects software as it’s under assembly. The compromised update has had a sweeping impact, the scale of which keeps growing as new information emerges. Join us for a high-level discussion on the lessons we can learnt from the attack and how can we safeguard ourselves against such attacks.

Focus Network, in partnership with Synopsys, will bring IT Security leaders from across Australia and New Zealand together to discuss these lessons and learn more around:

• Background on the SolarWinds attack
• How does it affect you?
• What could’ve been done?
• How to prevent the next supply chain attack

Presenters

Simon Scaife, Regional Sales Manager, Synopsys Software Integrity Group (SIG)

Simon is a Regional Sales Manager with the Synopsys Software Integrity Group (SIG) based out of Sydney, Australia. He Leverages his dozen years of experience, where he has taken on a multitude of tasks and responsibilities, helping him see the big picture in driving cyber security capability development, innovation and mission-outcome focused product selling.

During his time working in the software security industry he has had the opportunity to work on challenging problems and served as a guiding force behind the organizational vision for technology and future direction for clients through which diverse, collaborative teams can thrive.

His understanding of the software development lifecycle and genuine desire to address organizational challenges have been instrumental in allowing him to facilitate the delivery of application security and culture uplift, thus bringing an overarching positive impact to the business.

Ashwath Reddy, Principal Consultant, Synopsys Software Integrity Group (SIG)

Ashwath currently works as a Principal Consultant at Synopsys. He has previously worked as a Security Engineer at Microsoft Corp. His interests are in Cloud Security, Red teaming, Application security (Web Applications) and Threat Modeling. He has released plugins for Burp to handle complex authentication mechanisms . He has presented at FS-Isac, Nullcon, Cocon, Bright Talk, 50p (HasGeek) and has written articles for a Digital Forensics magazine. He has presented at technical conferences conducted by Singapore Airlines, SAP, IAF, Infosys, NetApp amongst others.

About Synopsys

The Synopsys difference

Synopsys helps development teams build secure, high-quality software, minimizing risks while maximizing speed and productivity.

Synopsys, a recognized leader in application security, provides static analysis, software composition analysis, and dynamic analysis solutions that enable teams to quickly find and fix vulnerabilities and defects in proprietary code, open source components, and application behavior.

Website: www.synopsys.com/software-integrity.html