Supply Chain Attacks: Focusing on NPM Vulnerabilities - DevSecOps 2023


Conf42 via YouTube


Classroom Contents


  1. intro
  2. preamble
  3. about danish
  4. disclaimer
  5. supply chain
  6. software supply chain
  7. supply chain attacks
  8. examples
  9. npm node package manager
  10. maintainer email address takeover
  11. significance of maintainer email - recently
  12. process - attacker's perspective
  13. defensive strategy for projects or companies
  14. research - world-wide-how
  15. hassan intro
  16. research - npm packages domains
  17. impact!!!
  18. gap that could be filled
  19. ruby gems research approach
  20. vulnerable ruby gem
  21. hardest part!
  22. some fun stuff!
  23. another tool: script to detect dependency confusion
  24. gemscanner
  25. solutions
  26. any questions?
  27. thank you!
