MFA and supply chain security: It's no magic bullet

With attackers increasingly targeting developer accounts and using them to poison software builds, manipulate code, and access secrets and data, development teams are under pressure to lock down their development environments.

Attackers are targeting the extensive access that a typical developer has to source code, code reviews, code commits, code modification, and other privileged tasks. The attacks on SolarWinds, Codecov, and Kaseya in recent years all demonstrate the havoc that an adversary with access to a development environment can wreak …

access accounts attackers code data developer development development teams down environments lock lock down magic mfa modification pressure reviews secrets security software source code supply supply chain supply chain security targeting teams under under pressure