Overview
Explore the critical issues surrounding supply chain security in this 33-minute Black Hat conference talk. Delve into the aftermath of recent attacks on the semiconductor industry, which have resulted in firmware source code leaks. Examine the potential consequences of compromised developer devices and their impact on source code repositories. Investigate the ongoing efforts to improve transparency in the firmware supply chain, including the implementation of policies and the adoption of "software bill of materials" (SBOMs). Gain insights into the challenges of achieving better visibility into software dependencies and the importance of implementing robust supply chain security practices. Learn from industry experts Richard Hughes, Alex Matrosov, and Kai Michaelis as they discuss the various aspects of supply chain security, including N-Days vulnerabilities and Zero Trust principles.
Syllabus
The Various Shades of Supply Chain: SBOM, N-Days and Zero Trust
Taught by
Black Hat