This course aims to educate participants on the rise of software supply-chain attacks and the security implications for .NET applications. By exploring different areas of the software supply chain, learners will identify security issues and learn how to address them. The course covers topics such as hacking history, supply chain components, vulnerabilities in container images and 3rd party libraries, and best practices for developing, testing, and releasing software. The intended audience for this course includes software developers, cybersecurity professionals, and individuals interested in understanding and enhancing the security of .NET applications. The teaching method involves a session that combines theoretical concepts with practical examples and demonstrations.
The Rise of Software Supply-Chain Attacks - How Secure is Your .NET Application
Overview
Syllabus
Intro
The Rise of Software Supply Chain Attacks
Agenda
Hacking History
Getting connected!
Smashing the Stack...
SQL Injection
Code Red & SQL Slammer
Bill Gates - Email to all MS FTE
Changes in Software Architecture
What is a Supply Chain?
Hacking Hardware
Octopus Scanner - NetBeans
Visual Studio Code
Development Machine
Canonical GitHub Account
Microsoft GitHub Account
Use MFA on source-repository
GIT Commit Signing
EvenStream NPM
Build / Deployment
XCode Ghost
Twilio SDK
Webmin Backdoor
Reproducable/Deterministic Builds
Automotive Industry
Car Supply Chain
Software Bill of Materials (SBOM)
In-Toto - Demo - Terminology
DataDog & In-Toto
Azure Pipelines Artifact Policy
Conclusion
Taught by
NDC Conferences
Related Courses
-
The Rise of Software Supply-Chain Attacks - How Secure is Your .NET Application
-
Securing Your .NET Application Software Supply Chain
-
Securing Your .NET Application Software Supply-Chain
-
Securing Your .NET Application Software Supply-Chain
-
Demystify Secure Software Supply Chain Metadata
-
Stranger Danger - Your JavaScript Attack Surface Just Got Bigger
