Detecting the Modern Supply Chain Attack: High-Fidelity Canaries for CI/CD and Beyond

Learn how high-fidelity canaries complement your detection strategy to catch the supply chain attacks that slip past conventional controls.

Live webinar

May 7, 11pm ET / 8am PT / 4pm BST

Zoom

Nick Reva

Director of Security Engineering at DoorDash

Robert Thurtell

Director of Sales

Supply chain attacks are accelerating - and they're getting harder to detect. From compromised GitHub Actions workflows and poisoned npm packages to malicious CI/CD integrations, attackers are increasingly targeting the tools and pipelines your team trusts most. Traditional detection engineering struggles to keep pace with this evolving threat landscape. In this technical session, learn how high-fidelity canaries complement your existing controls to catch supply chain compromises before they become breaches.

Join Nick Reva, Director of Security Engineering at DoorDash, with 19 years of experience at high-engineering-bar companies including SpaceX and Snap. He'll be joined by Rob Thurtell from Tracebit for a hands-on exploration of threat-informed detection engineering, deception techniques, and a live demo of Tracebit Community Edition's GitHub Actions module.

You'll learn how to:

Understand how recent supply chain attacks exploit CI/CD pipelines, package registries, and developer tooling
See how high-fidelity canaries catch supply chain compromises that monitoring rules and SIEMs miss
Complement your existing detection controls with canary coverage across your software supply chain
Get started live with a demo of Tracebit Community Edition's GitHub Actions module

Who Should Attend:

Security leaders wanting to improve threat detection and post-breach capabilities
Security engineers and architects building detection engineering programs
Detection and response teams looking to improve signal fidelity and reduce alert fatigue
DevSecOps professionals responsible for supply chain security