Rhyming with Hacks - The Ballad of Supply Chain Attacks

Explore the world of Supply Chain Attacks (SCAs) in this informative conference talk from OWASP Global AppSec Tel Aviv. Delve into the significant impact of SCAs in 2018, focusing on high-profile cases involving major e-commerce companies like British Airways and Ticketmaster. Learn about the notorious Magecart cyber criminal groups and their tactics. Examine the inner workings of SCAs, their scalability, and potential prevention and mitigation strategies. Evaluate the effectiveness of existing solutions such as Content Security Policy and Subresource Integrity. Gain insights from a detailed analysis of a real-life SCA, including a breakdown of the attacking code. Discover a new approach based on DOM real-time monitoring, complete with a live demonstration of this innovative solution defending against the previously discussed SCA. Assess the merits of this new technique in detecting and mitigating various SCA attacks.

Rhyming with Hacks - the Ballad of Supply Chain Attacks - PEDRO FORTUNA