SecurITree and Supply Chain Risks
Supply chain threats are particularly insidious. The Solarwinds compromise that occurred in 2020 is an example of how an adversary introduced malicious software into a widely used (and highly trusted) set of network tools. Compromising the trusted code before it was signed and distributed to users made customer detection of the malware extremely difficult -- even for organizations that followed the best security practices.
Of course, supply chain compromises are not limited to the software industry. Imagine the consequences if counterfeit or deficient components were introduced into aerospace, automobile, nuclear power or medical supply chains! SecurITree is a tool that allows analysts to explore and understand the risks their organizations face from supply chain threats. This understanding greatly enhances an organization's ability to protect themselves from these types of attacks.