Beyond SolarWinds: Principles for Securing Software Supply Chains

Abstract

Supply chain exploitations like the SolarWinds compromise should not be a surprise. Since 2015, there have been numerous supply chain attacks. Billions of dollars are spent annually to protect against cybersecurity and software security incidents, yet the number and consequences of these types of incidents continue to increase. The recent SolarWinds exploitation is likely the most damaging known software-enabled supply chain cyber attack to date.

Document Details

Document Type
Technical Report
Publication Date
Mar 16, 2021
Accession Number
AD1148956

Entities

People

  • Charles Clancy
  • Chris Sledjeski
  • Christopher Nissen
  • Rick Ledgett

Organizations

  • MITRE Corporation

Tags

Communities of Interest

  • Biomedical
  • C4I
  • Cyber
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Acquisition
  • Application Software
  • Computer Programs
  • Computers
  • Computing System Architectures
  • Cybersecurity
  • Cyberspace Operations
  • Department Of Defense
  • Department Of Homeland Security
  • Governments
  • Information Exchange
  • Information Security
  • Information Systems
  • Intelligence Community (United States)
  • Law
  • National Security
  • Network Architecture
  • Supply Chain
  • Supply Chain Integrity

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Educational Psychology

Technology Areas

  • Cyber