BloomTech’s Downfall: A Long Time Coming

Practical Approach to Automate the Discovery and Eradication of Open-Source Software Vulnerabilities

Practical Approach to Automate the Discovery and Eradication of Open-Source Software Vulnerabilities

Black Hat via YouTube Direct link

Intro

1 of 26
Next

1 of 26

Intro

Class Central Classrooms beta

YouTube playlists curated by Class Central.

Classroom Contents

Practical Approach to Automate the Discovery and Eradication of Open-Source Software Vulnerabilities

Automatically move to the next video in the Classroom when playback concludes
  1. 1 Intro
  2. 2 The Benefits of Open Source Software
  3. 3 Open source security is a strange thing
  4. 4 Typo squatting
  5. 5 Package Masking
  6. 6 Ownership transfer
  7. 7 Dangling references
  8. 8 Picking a target for infection
  9. 9 How dependencies gets infected?
  10. 10 How can we protect ourselves from supply chain attacks?
  11. 11 Netflix Microservice Architecture
  12. 12 Design principles for our approach
  13. 13 Build open source vulnerability database
  14. 14 Vulnerability Triage
  15. 15 Risk Strategy Table - Example 1
  16. 16 Requirements for effective vulnerability remediation
  17. 17 Understanding minimum version update problem
  18. 18 First order dependency problem
  19. 19 Yarn Selective dependency resolutions - Example
  20. 20 Dependency lock updates
  21. 21 Security Change Campaigns
  22. 22 Security Change Campaign - Blacklist
  23. 23 Vulnerable method use detection
  24. 24 Better remediation (slack bot remediation)
  25. 25 Questions we ask for organizational metrics
  26. 26 Blackhat sound bytes

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Sign up for free
Someone learning on their laptop while sitting on the floor.