GitHub Actions Supply Chain Attack: A Targeted Attack on Coinbase Expanded to the Widespread tj-actions/changed-files Incident: Threat Assessment (Updated 3/21)
Off the Beaten Path: Recent Unusual Malware
Investigating Scam Crypto Investment Platforms Using Pyramid Schemes to Defraud Victims
See all Unit 42 Threat Research

Unit 42 Supply Chain Risk Assessment Benefits

  • Identify unknown risks. Unit 42 will help reveal vulnerabilities caused by vendors across your supply chain and address risks that can leave your organization susceptible to compromise.

  • Reduce your attack surface. By understanding and prioritizing the risks, vulnerabilities, and threats introduced by your vendors—and then eliminating these issues—you’ll reduce your attack surface and lower the likelihood of suffering a supply chain attack.

  • Due diligence. With Unit 42, you can apply the Palo Alto Networks proprietary vendor due diligence framework to ensure that your vendors are adhering to recommended security standards and maintaining information technology hygiene.

Unit 42 Supply Chain Risk Assessment Methodology

Unit 42 offers an evidence-based framework to help you manage the growing threat of supply chain attacks.

unit-42-supply-chain-risk-assessment-methodology

Figure 1: Unit 42 Supply Chain Risk Assessment Methodology

  • Gather context. We establish a clear understanding of your procedures, tools, and capabilities through a pre-engagement survey.

  • Due Diligence Assessment: Using our proprietary vendor due diligence framework, we identify cybersecurity risks across your supply chain.

  • Attack surface mapping: Leveraging Cortex Xpanse® data, we create a detailed map of your asset inventory and internet-facing attack surface.

  • Penetration testing and threat hunting. Expert threat hunters and technical testing will uncover hidden cybersecurity risks and exploitable weaknesses.

  • Detailed findings and remediation support: You receive a detailed report highlighting risks and vulnerabilities and get our help to implement recommendations to improve.

About Unit 42

Unit 42® brings together our world-renowned threat researchers and hunters with an elite team of security consultants to create an intelligence-driven, response-ready organization. The Unit 42 Threat Intelligence team provides threat research that enables security teams to understand adversary intent and attribution while enhancing protections offered by our products and services to stop advanced attacks. As threats escalate, Unit 42 is available to advise customers on the latest risks, assess their readiness, and help them recover when the worst occurs. For the latest threat intel and research, please visit https://unit42.paloaltonetworks.com/.

Related Resources

Access a wealth of educational materials, such as datasheets, whitepapers, critical threat reports, informative cybersecurity topics, and top research analyst reports

See all resources

Get the latest news, invites to events, and threat alerts