Overview
Explore modern supply chain attacks and defense strategies in this 51-minute Black Hat conference talk. Gain practical guidance on defending against and responding to supply chain compromises, applicable to both SecOps and App Development professionals. Delve into real-world examples from GitHub, Office, and LinkedIn to understand supply chain risks. Learn about Microsoft's defense strategies, cloud security, and the importance of Cyber Defense Operations Centers. Examine the role of people in security, risk assessment techniques, and the concept of "assume breach." Discover practical advice on inventory management, services, and hardware security, including IoT considerations. Understand the significance of organizational culture and response strategies in cybersecurity. Leave with actionable insights on best practices, addressing small details, and embracing a holistic approach to supply chain security.
Syllabus
Introduction
The World Lives On A Giant Turtle
Its Turtles All The Way Down
Your Supply Chain
GitHub
Office
LinkedIn
Supply Chain Risk
Software
Defending Microsoft
Defending the Cloud
Cyber Defense Operations Center
The world needs more acronyms
People
Whats your risk
Assume breach
Remote viewing software
Practical advice
Services
Inventory
Blackout
Jumping Hardware
IOT
flickering
technology
my daughter
culture
response matters
best practices
the small stuff
embrace the whole
Taught by
Black Hat