Conference:  Defcon 31

Authors: Mikko Hypponen Researcher, WithSecure

2023-08-01

Russia is the world’s largest country. I’ve lived all my life in Finland, about a hundred miles from the Russian border. Finland has learned to live next to a very large and very unpredictable neighbor. Both my grandfathers fought Russia in the second world war. Today, Finland ranks as one of the least corrupted countries in the world, while Russia ranks as one of the most corrupted countries. How is that even possible? As Russia has grown more aggressive over the last decade and as it violently attacked Ukraine, attitudes about neutrality changed quicky in my home country. When Finland joined NATO in April 2023, NATO more than doubled its land border with Russia – which is probably not what Putin had in mind. This talk will summarize the developments of the Russian cyber programs and about Russian patriotic hacker groups that got us into where we are today and makes educated guesses about where Russia will be headed next.

Conference:  Global AppSec San Francisco 2022

Authors: Clara Andress

2022-11-17

Cyber Security has many diverse fields within it, from helping engineers learn secure coding principles to securing networks and hosts. By the end of this talk, you will understand the differences between some of these paths, how to leverage existing skills, and how to level up and learn new skills to help you on the road to becoming a cyber security professional.

Conference:  SupplyChainSecurityCon 2022

Authors: Tracy Ragan

2022-06-22

The presentation discusses the importance of software supply chain security in a microservices world and how Artillios.io is addressing the issue through the use of S-bombs and CVE data.

• Artillios.io is addressing the issue of software supply chain security in a microservices world
• S-bombs and CVE data are important in tracking vulnerabilities and dependencies
• Artillios.io aggregates S-bombs and CVE data to provide a comprehensive view of an application's components and their vulnerabilities
• The use of S-bombs and CVE data saves time and resources in tracking vulnerabilities and redundancies
• The presentation suggests the need for better management of code in an assembly line and the potential for autonomous coding in the future