Guarding against supply chain attacks—Part 3: How software becomes compromised
Set a high standard of software assurance with internal teams, partners, and suppliers to reduce your risk of a software supply chain attack.
Supply chain attacks
Supply chain attacks target software developers and suppliers with the goal of accessing source codes, building processes, or updating mechanisms. Explore how attackers exploit weaknesses to compromise trusted systems and distribute malicious code.
Refine results
Topic
Products and services
Publish date
Tailored AI insights from Microsoft Security Copilot
Empower your defenders to detect hidden patterns, harden defenses, and respond to incidents faster with generative AI.
-
-
Defending the power grid against supply chain attacks—Part 1: The risk defined
The “Defending the power grid against supply chain attacks” blog series analyzes how supply chain attacks are conducted and the steps utilities, device manufacturers, and software providers can take to better secure critical infrastructure. -
Ghost in the shell: Investigating web shell attacks
Web shell attacks allow adversaries to run commands and steal data from an Internet-facing server or use the server as launch pad for further attacks against the affected organization. -
Guarding against supply chain attacks—Part 2: Hardware risks
Part 2 examines the hardware supply chain, its vulnerabilities, how you can protect yourself, and Microsoft’s role in reducing hardware-based attacks. Go beyond data protection with Microsoft Purview
Govern, protect, and manage all of your data with Microsoft Purview, comprehensive solutions to help give you better visibility and control.
-
Guarding against supply chain attacks—Part 1: The big picture
Paying attention to every link in your supply chain is vital to protect your assets from supply chain attacks. -
Attack inception: Compromised supply chain within a supply chain poses new risks
A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection (Windows Defender ATP) emerged as an unusual multi-tier case. -
A new best practice to protect technology supply chain integrity
The success of digital transformation ultimately relies on trust in the security and integrity of information and communications technology (ICT).
