The Anatomy of the Codecov Breach

A CyberArk Labs Webinar

On-Demand

Codecov Breach: A Needle in a Haystack of Code

A single line of malicious code. Hidden in approximately 1,900 lines.

The breach on code testing software vendor Codecov could have easily gone unnoticed for an indefinite amount of time.

Bearing resemblance to the 2020 SolarWinds attack, it’s another example of highly evasive supply chain infiltration in which malicious actors target and steal credentials to get to their intended target. For Codecov – the target was amongst their 29,000 customers worldwide.

The team at CyberArk Labs has closely analyzed the attack and whilst the longer-term impact of this attack are still being investigated, the team is ready to report its findings to you – on Thursday the 15th July.

Here’s what they’ll cover:

• Hacks and backdoors: an examination of the Codecov attack chain
• Discovering the breach: how months could have been years
• Cloud & DevOps: operational challenges and threats
• Fragmented Security Architecture: Rise of the Shadow Admin
• Supply Chain Attacks: The different types, ramifications and fallout
• Taking the learnings: A discussion on mitigation strategies.

SHARE THIS

ABOUT CYBERARK

CyberArk is the global leader in Identity Security. Centered on privileged access management, CyberArk provides the most comprehensive security offering for any identity – human or machine – across business applications, distributed workforces, hybrid cloud workloads and throughout the DevOps lifecycle. The world’s leading organizations trust CyberArk to help secure their most critical assets.