allArticles Conferences Presentations

Exploiting Vulnerabilities and Flaws to Attack Supply Chain

Conference: RSA Conference 2023

2023-04-24

Authors: Ilay Goldman, Yakir Kadkoda

Abstract

In the supply chain ecosystem there are many vulnerable platforms that are trusted by the majority of developers. These platforms can be exploited in a number of ways by attackers. In this session we will elaborate on the many attack vectors including integrated development environment (IDE), source code management (SCM), package managers and CI/CD.

Materials:

Tags:

Post a comment

Related work

Breaking the Chain: An Attacker's Perspective on Supply Chain Vulnerabilities and Flaws

Conference: Black Hat Asia 2023

Authors: Yakir Kadkoda, Ilay Goldman

2023-05-12

Attacking & Defending Kubernetes TEE Enclaves in Critical Infrastructure

Conference: KubeCon + CloudNativeCon Europe 2022

Authors: Robert Ficcaglia

2022-05-20

Picking Lockfiles: Attacking & Defending Your Supply Chain

Conference: BlackHat USA 2021

Authors:

2021-11-11

Securing the IaC Supply Chain

Conference: KubeCon + CloudNativeCon North America 2022

Authors: Jesse Sanford, Jason Hall

2022-10-26

Sponsored Keynote: Why Developer Laptop Security is Key to Securing Your CI/CD Pipeline

Conference: Cloud Native SecurityCon North America 2023

Authors: Saurabh Wadhwa

Keynote: Why Developer Laptop Security is Key to Securing Your CI/CD Pipeline

Conference: Cloud Native SecurityCon North America 2022

Authors: Jeremy Colvin

2022-10-24