Nov 2, 2021

Making the Case for Supply Chain Behavior Transparency


The Biden Administration’s Cyber Executive Order includes a Software Bill of Materials (SBOM), a machine-readable inventory of the third-party components that make up a piece of software. It is a critical and necessary first measure for protecting the software supply chain, but is it enough?
One of the biggest challenges to supply chain transparency and the SBOM model is identifying software components with sufficient discoverability and uniqueness. Component identification is fundamental to SBOM and needs to scale globally across diverse software ecosystems, sectors, and markets. To defend against cyber-attacks such as the ones that impacted SolarWinds and recent ransomware victims, organizations also need transparency about the behaviors of the software components in their supply chain: how, and with whom, those components communicate both inside and outside their networks.
Ted Driggs, Head of Product, and Ben Higgins, Distinguished Software Engineer, from ExtraHop joined Business Security Weekly to explore how behavior transparency can give organizations an advantage by distinguishing between expected noise and indications of compromise. Even an 80/20 rule on behaviors reduces the number of alerts an analyst needs to review.
During the interview, Ted and Ben discussed the advantages of behavior transparency, but also the challenges. Behavior transparency requires a standardized, machine-readable format that can be ingested by other products and technologies. This file needs to identify the fingerprints, detections, domains, and processes that uniquely characterize the behavior of each software component. Behavior transparency also requires a central database for these behavior files that can be updated quickly as software components, and their associated behaviors, change.
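To make the kind of behavior file Ted and Ben describe concrete, the following is an added example, not code or a format from the interview, from ExtraHop, or from any published standard. It defines a constructed JSON behavior manifest for a hypothetical component (keyed on the same identifier an SBOM entry would carry), then checks a handful of constructed telemetry events against it: events the manifest explains are the expected noise, and what remains is the short list an analyst would review. The component name, domains, ports, and events are all invented for the illustration.

```python
"""Added example: a minimal behavior-transparency manifest and a checker.

The manifest schema, the component "example-agent", the domains and the
observed events are all constructed for this illustration. They are not a
published standard and not ExtraHop's format.
"""
import fnmatch
import json
from dataclasses import dataclass
from typing import Dict, List

# Constructed manifest for a hypothetical component. A real file would be
# published alongside the SBOM entry it describes and keyed on the same
# component identifier so that inventory and behavior can be joined.
BEHAVIOR_MANIFEST = json.loads("""
{
  "component": {"name": "example-agent", "version": "1.2.3",
                "sbom_ref": "pkg:generic/example-agent@1.2.3"},
  "processes": ["example-agent", "example-updater"],
  "outbound_domains": ["updates.example.invalid", "*.telemetry.example.invalid"],
  "outbound_ports": [443],
  "listening_ports": [8443],
  "child_processes": {"example-agent": ["example-updater"]}
}
""")


@dataclass(frozen=True)
class Event:
    """One observed action, as network or endpoint telemetry might report it."""
    process: str
    kind: str        # "connect", "listen" or "spawn"
    target: str      # destination domain, or child process name for "spawn"
    port: int = 0    # destination port for "connect", local port for "listen"


def domain_allowed(domain: str, patterns: List[str]) -> bool:
    """True if the domain matches any declared pattern (glob syntax)."""
    return any(fnmatch.fnmatch(domain, p) for p in patterns)


def deviations(manifest: Dict, events: List[Event]) -> List[Event]:
    """Return the events the manifest does not explain.

    Anything the component declared is treated as expected noise; the events
    returned here are the ones worth an analyst's attention.
    """
    unexpected = []
    for ev in events:
        if ev.process not in manifest["processes"]:
            unexpected.append(ev)  # a process the component never declared
            continue
        if ev.kind == "connect":
            ok = (domain_allowed(ev.target, manifest["outbound_domains"])
                  and ev.port in manifest["outbound_ports"])
        elif ev.kind == "listen":
            ok = ev.port in manifest["listening_ports"]
        elif ev.kind == "spawn":
            ok = ev.target in manifest["child_processes"].get(ev.process, [])
        else:
            ok = False  # an event type the manifest has no vocabulary for
        if not ok:
            unexpected.append(ev)
    return unexpected


# Constructed telemetry: three actions the manifest covers, two it does not.
OBSERVED = [
    Event("example-agent", "connect", "updates.example.invalid", 443),
    Event("example-agent", "connect", "eu.telemetry.example.invalid", 443),
    Event("example-agent", "spawn", "example-updater"),
    Event("example-agent", "connect", "cdn.unrelated.invalid", 443),
    Event("example-updater", "spawn", "sh"),
]


def review_queue() -> List[Event]:
    """The events left over after the manifest has explained the rest."""
    return deviations(BEHAVIOR_MANIFEST, OBSERVED)


if __name__ == "__main__":
    for ev in review_queue():
        print(f"unexpected: {ev.process} {ev.kind} {ev.target}:{ev.port}")
```

Two of the five constructed events survive the filter: an outbound connection to a domain the component never declared, and a child process spawned by a process that declared no children. The point of the central database mentioned above is that the manifest, not the analyst's memory, is what changes when the vendor ships a new version with new endpoints.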
ExtraHop is focused on this effort, but needs the support of the broader security community. Endpoint behaviors, integration with other security products, and standardization of formats and protocols are all critical components to achieve behavior transparency. To learn more, watch the interview on Business Security Weekly here or visit for more information.
