Explore the intricacies of supply chain security in a DefCamp 2023 conference talk delivered by Todor Todorov, Senior Software Engineer at Payhawk. Delve into the world of "Supply Chain Shenanigans" with a focus on malicious npm packages and suspicious NuGet components. Gain insights from this 26-minute presentation, which was part of the largest annual hacking and cybersecurity conference in Central and Eastern Europe. Learn about the potential vulnerabilities in software supply chains and how they can be exploited. Understand the importance of vigilance when using popular package managers like npm and NuGet. Benefit from the expertise shared at an event that has attracted over 12,000 participants from more than 60 countries since its inception in 2011. Access additional resources, including presentation slides and related materials, through the DefCamp archive for a comprehensive understanding of this critical cybersecurity topic.
Overview
Syllabus
Supply Chain Shenanigans: Evil npm & Shady NuGet at DefCamp 2023
Taught by
DefCamp
Related Courses
-
Developer Security Champion: Supply Chain Security
-
Software Supply Chain Security: Understanding and Mitigating Package Ecosystem Attacks
-
Supply Chain Attacks - Focusing on NPM Vulnerabilities and Defenses
-
Supply Chain Attacks: Focusing on NPM Vulnerabilities - DevSecOps 2023
-
Kittens Falling from the Skies - Operation Romania
-
The JARM'ing Adventures of a Weaponized Security Tool
