This course explores the rise of software supply-chain attacks and assesses the security of .NET applications. The learning outcomes include understanding the complexities of the software supply chain, identifying security issues within the supply chain, and exploring potential solutions. The course covers a range of topics such as the history of hacking, changes in software architecture, supply chain components, and specific security issues like vulnerabilities in container images and 3rd party libraries. The teaching method involves a practical approach using a .NET application to analyze different areas of the supply chain. The intended audience for this course includes software developers, cybersecurity professionals, and individuals interested in understanding and enhancing the security of .NET applications.
The Rise of Software Supply-Chain Attacks - How Secure is Your .NET Application
Overview
Syllabus
Intro
The Rise of Software Supply Chain Attacks
Agenda
Hacking History
Code Red & SQL Slammer
Bill Gates - Email to all MS FTE
Changes in Software Architecture
What is a Supply Chain?
Hacking Hardware
Octopus Scanner - NetBeans
Visual Studio Code
Development Machine
Canonical GitHub Account
Microsoft GitHub Account
Use MFA on source-repository
GIT Commit Signing
Build / Deployment
Twilio SDK
Webmin Backdoor
SolarWinds Sunspot
Reproducable/Deterministic Builds
Automotive Industry
Car Supply Chain
DataDog & In-Toto
Azure Pipelines Artifact Policy
Conclusion
Taught by
NDC Conferences
Related Courses
-
The Rise of Software Supply-Chain Attacks - How Secure is Your .NET Application
-
Securing Your .NET Application Software Supply Chain
-
Securing Your .NET Application Software Supply-Chain
-
Securing Your .NET Application Software Supply-Chain
-
As Strong as the Weakest Link - Securing the Software Supply Chain
-
The Rise of Malware Within the Software Supply Chain
