公式動画ピックアップ

AAPL   ADBE   ADSK   AIG   AMGN   AMZN   BABA   BAC   BL   BOX   C   CHGG   CLDR   COKE   COUP   CRM   CROX   DDOG   DELL   DIS   DOCU   DOMO   ESTC   F   FIVN   GILD   GRUB   GS   GSK   H   HD   HON   HPE   HSBC   IBM   INST   INTC   INTU   IRBT   JCOM   JNJ   JPM   LLY   LMT   M   MA   MCD   MDB   MGM   MMM   MSFT   MSI   NCR   NEM   NEWR   NFLX   NKE   NOW   NTNX   NVDA   NYT   OKTA   ORCL   PD   PG   PLAN   PS   RHT   RNG   SAP   SBUX   SHOP   SMAR   SPLK   SQ   TDOC   TEAM   TSLA   TWOU   TWTR   TXN   UA   UAL   UL   UTX   V   VEEV   VZ   WDAY   WFC   WK   WMT   WORK   YELP   ZEN   ZM   ZS   ZUO  

  公式動画&関連する動画 [Weaponizing Trust: How Attackers Hide Inside Trusted Ecosystems]

Supply chain attacks aren’t just about vulnerable code anymore. In this episode, Mitch Mayne sits down with cybersecurity expert Richard Emerson to unpack how attackers are exploiting trusted software packages, SaaS integrations, and open source dependencies to quietly infiltrate enterprise environments. From compromised NPM packages to cloud adoption, this conversation breaks down why traditional security models are struggling to keep up. Richard explains how modern threat actors are taking advantage of trusted activity to avoid detection, why downstream disruption creates chaos for security teams, and what organizations can do to reduce risk before an incident spirals out of control. The discussion also covers SBOMs, CI/CD hardening, zero trust for the supply chain, and why a wider definition of inventory visibility is becoming fundamental for security teams. If you’re responsible for securing software pipelines, SaaS ecosystems, or third-party integrations, this is a conversation you’ll want to hear. 00:00 Why supply chain attacks often look completely legitimate 01:07 How supply chain threats have evolved beyond vulnerable code 01:38 The rise of third-party risk and SaaS compromise 02:30 Why open source ecosystems create massive attack surfaces 03:14 How threat actors exploit trusted relationships to avoid detection 04:08 Why attackers focus on build-time compromises 04:34 The attack that infected 47 packages in under a minute 05:42 The growing blast radius of downstream disruption 06:18 Why inventory is still one of security’s biggest problems 07:43 Why malicious downloads often appear completely normal 08:33 Applying zero trust principles to the supply chain 09:10 Why SBOMs and vulnerability tracking matter more than ever 10:07 “Untrusted by default” as a modern security mindset [These are always the same] ✅Subscribe to our channel to stay up-to-date with the latest in cybersecurity and threat intelligence: @PaloAltoNetworksUnit42 ✅Subscribe to the Threat Bulletin https://unit42.paloaltonetworks.com/#:~:text=Subscribe%20for%20email%20updates%20to%20all%20Unit%2042%20threat%20research Join the conversation on our social media channels: Website: https://www.paloaltonetworks.com/unit42 Research Center: https://unit42.paloaltonetworks.com/ Facebook: / lifeatpaloaltonetworks LinkedIn: / unit42 YouTube: / @paloaltonetworksunit42 X: / unit42_intel Thank you for watching. If you found this clip insightful, please give it a thumbs up and subscribe to our Channel for more valuable content. To stay updated with the latest web application and API security, check out our website at https://www.paloaltonetworks.com/unit42. PALO ALTO NETWORKS Palo Alto Networks enables your team to prevent successful cyberattacks with an automated approach that delivers consistent security across the cloud, network, and mobile. http://paloaltonetworks.com
 137      3