Overview
This course aims to educate participants on the importance of securing the software supply chain and the various ways attackers exploit vulnerabilities in third-party software. The learning outcomes include gaining a comprehensive understanding of the attack surface, recognizing different types of supply chain attacks, and exploring solutions to minimize the attack surface. Participants will learn about real-world examples, exploit details, and categories of attacks such as Dependency Confusion and Brandjacking. The course teaches a range of tools and frameworks for handling complexity and reducing vulnerabilities, catering to developers and CISOs alike. The teaching method involves a presentation divided into two parts: showcasing the breadth of supply chain attacks and discussing practical solutions.
Syllabus
Attacking through the Software Supply Chain - Felix Leder - NDC Security 2023
Taught by
NDC Conferences