Explore a comprehensive keynote address from Black Hat that delves into the challenges of defending against supply chain compromises in the current landscape. Examine the state of supply chain risks, their potential consequences, and industry-wide mitigation strategies. Gain insights into topics such as herd immunity, software supply chain threats, mass exploitation, and notable cybersecurity incidents from 2020. Learn about the complexities of mobile device security, supply chain infections, and intrusion techniques. Discover potential solutions, including mobile entitlements, Windows entitlement systems, and certificate transparency. Engage with audience questions to further understand the future of contactless deliveries and supply chain security.
Supply Chain Infections and the Future of Contactless Deliveries
Overview
Syllabus
Introduction
Thank you
RIP Phillipe Courteau
Dan Kaminsky Fellowship
Countries
Scholarship Programs
Military Veteran Scholarship
Community Partners
Herd Immunity
Immunity Cheat Sheet
Do Nothing or Not immunize
Software Supply Chain
Welcome
Who am I
Two motivating graphs
Project Zero
Threats
Traditional Model
Mass Exploitation
Big stories of 2020
Similarities and observations
Three driving stories
Zeroday
Bug Bounty
Incentives Failure
Mobile Devices
Supply Chain Infections
SolarWinds
Corsair
Mobile attacks
Supply chain intrusions
Target selection
How do we fix it
Mobile entitlements
Windows entitlement system
Certificate transparency
Summary
Audience Questions
Taught by
Black Hat
Related Courses
-
Broken Links - Emergence and Future of Software-Supply Chain Compromises
-
SMS PVA Services Fueled by Compromised Supply-Chain Mobile Botnets
-
Code Dependency - Chinese APTs in Software Supply Chain Attacks
-
Two Strategies for Supply Chain Attacks
-
The Enemy Within - Modern Supply Chain Attacks
-
The Various Shades of Supply Chain - SBOM, N-Days and Zero Trust
