Explore the critical security concerns surrounding Gradle and learn effective strategies to safeguard your builds from potential threats in this 37-minute conference talk from Android Makers. Gain valuable insights into the Gradle Wrapper supply-chain attack and understand how to implement protective measures. Discover the intricacies of Gradle dependency attacks and acquire practical defense techniques. Obtain a comprehensive list of security best practices for Gradle, including wrapper verification, repository filtering, and dependency verification. Delve into topics such as introduction, dependency verification, metadata verification, ASC file verification, pros and cons, Minecraft verification, and pull via methods. Leave equipped with essential knowledge to enhance the security of your Gradle projects and protect against common vulnerabilities.
Overview
Syllabus
Intro
Introduction
Dependency Verification
Metadata Verification
ASC File Verification
Pros and Cons
Minecraft
Verification
Pull via
Conclusion
Taught by
Android Makers