In person

The New Normal: AI and Malware in Software Supply Chain Attacks

The New Normal: AI and Malware in Software Supply Chain Attacks

Join us on March 4th at 3.20pm as Tom Gleason leads a panel of security leaders From NatWest Boxed, Egnyte and Integral Ad Science at DevOpsLive.

2025 marked a turning point for software supply chain security, not because of a single headline breach, but because of a clear and sustained pattern. Worm-style malware attacks like Shai-Hulud drove a dramatic spike in compromised legitimate packages, while mass compromise of shared CI components and AI-enabled attacker tooling made supply chain attacks a routine risk of modern software development. Attackers use AI to scale reconnaissance, generate convincing social engineering, and identify weaknesses in legitimate packages. Defenders must match this speed, detecting malware campaigns before they land on developer machines or in CI.

This panel explores how to match that speed: what software supply chain attacks look like today and why developers have become primary targets. Panelists discuss AI-assisted attacker tactics and what this means for protecting engineering teams. The session concludes with practical actions for security and engineering leaders: common misconceptions, concrete defensive steps, and how to balance delivery speed with systemic risk.

Location: DevSecOps Theatre (Right next to the Endor booth!) 

Date
March 4, 2026
Time
3:20 PM
Location
Europe

Speakers

Tom Gleason, VP of Customer Solutions
Tom Gleason
VP, Customer Solutions
A photo of Henrik Plate — Security Research at Endor Labs.
Henrik Plate
Member of Technical Staff
Endor Labs
Maciej Markiewicz
Senior Manager, Security Engineering
Egnyte
Kevin Fielder
CISO
NatWest Boxed
Aanchal Mittal
Application Security Manager
Integral Ad Science

Sign up now

Request a Meeting

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Event Overview

Speakers

Tom Gleason, VP of Customer Solutions
Tom Gleason
VP, Customer Solutions
A photo of Henrik Plate — Security Research at Endor Labs.
Henrik Plate
Member of Technical Staff
Endor Labs
Maciej Markiewicz
Senior Manager, Security Engineering
Egnyte
Kevin Fielder
CISO
NatWest Boxed
Aanchal Mittal
Application Security Manager
Integral Ad Science

Schedule

No items found.

No items found.

Want to stay in the loop?

Sign up for our newsletter.

Subscribe
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
AI SAST Finding: Path Traversal in OpenClaw via LLM Guardrail Bypass

AI SAST Finding: Path Traversal in OpenClaw via LLM Guardrail Bypass

How Endor Labs' AI SAST engine identified a path traversal vulnerability in OpenClaw's apply_patch tool tracked as (GHSA-r5fq-947m-xm57)
Read more
Supply Chain Attack targeting Cline installs OpenClaw

Supply Chain Attack targeting Cline installs OpenClaw

A compromised release of the popular Cline CLI npm package silently installs OpenClaw globally on any machine.
Read more
How AI SAST Traced Data Flows to Uncover Six OpenClaw Vulnerabilities

How AI SAST Traced Data Flows to Uncover Six OpenClaw Vulnerabilities

We discovered six vulnerabilities in OpenClaw using Endor Labs’ AI SAST data flow analysis and validated working exploits.
Read more