Cheryl Biswas – Signed, Sealed, Delivered: Abusing Trust in Supply Chain – DEF CON 29 AppSec Village
Our technology-driven world increasingly relies on software dependencies: third party code, open source libraries and shared repositories. A history of software supply chain attacks shows how easy it is to create confusion and send malicious code undetected through automated channels to trusting recipients. SolarWinds delivered a hard truth to defenders: everyone is vulnerable when trust can be abused. Are we ready for what will be sent down the pipeline next?
by AppSec Village
linux foundation
