Overview
Explore a comprehensive conference talk on software supply chain attacks, their impact, and mitigation strategies. Dive into a 360-degree view of the attack surface, examining real-world examples and exploit details from commercial applications like SolarWinds and open-source components such as UAParser.js. Learn about dormant vulnerabilities, dependency confusion, typo squatting, and brandjacking. Discover various frameworks and guidelines to handle the complexity of supply chain attacks and minimize the attack surface, catering to both developers and compliance-oriented CISOs. Gain valuable insights into protecting your organization from subtle yet far-reaching security threats in the evolving landscape of cybersecurity.
Syllabus
Attacking through the Software Supply Chain - Felix Leder - NDC Security 2023
Taught by
NDC Conferences