Overview
Explore the world of Supply Chain Attacks (SCAs) in this informative conference talk from OWASP Global AppSec Tel Aviv. Delve into the significant impact of SCAs in 2018, focusing on high-profile cases involving major e-commerce companies like British Airways and Ticketmaster. Learn about the notorious Magecart cyber criminal groups and their tactics. Examine the inner workings of SCAs, their scalability, and potential prevention and mitigation strategies. Evaluate the effectiveness of existing solutions such as Content Security Policy and Subresource Integrity. Gain insights from a detailed analysis of a real-life SCA, including a breakdown of the attacking code. Discover a new approach based on DOM real-time monitoring, complete with a live demonstration of this innovative solution defending against the previously discussed SCA. Assess the merits of this new technique in detecting and mitigating various SCA attacks.
Syllabus
Rhyming with Hacks - the Ballad of Supply Chain Attacks - PEDRO FORTUNA
Taught by
OWASP Foundation