The Rise of Software Supply-Chain Attacks - How Secure is Your .NET Application
Offered By: NDC Conferences via YouTube
Course Description
Overview
Explore the evolution and increasing sophistication of software supply-chain attacks in this comprehensive conference talk. Delve into the history of hacking, from early infrastructure vulnerabilities to modern DevOps pipeline exploits. Examine the complexities of cloud-native approaches and their expanded attack surfaces. Learn to identify and mitigate security issues across various stages of the software supply chain using a .NET application as a practical example. Gain insights into protecting development machines, securing source repositories, implementing reproducible builds, and safeguarding deployment processes. Understand the importance of vigilance in an era where attacks target every step of software development, testing, and release.
Syllabus
Intro
The Rise of Software Supply Chain Attacks
Agenda
Hacking History
Code Red & SQL Slammer
Bill Gates - Email to all MS FTE
Changes in Software Architecture
What is a Supply Chain?
Hacking Hardware
Octopus Scanner - NetBeans
Visual Studio Code
Development Machine
Canonical GitHub Account
Microsoft GitHub Account
Use MFA on source-repository
GIT Commit Signing
Build / Deployment
Twilio SDK
Webmin Backdoor
SolarWinds Sunspot
Reproducable/Deterministic Builds
Automotive Industry
Car Supply Chain
DataDog & In-Toto
Azure Pipelines Artifact Policy
Conclusion
Taught by
NDC Conferences
Related Courses
Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld SystemsVanderbilt University via Coursera The Caltech-JPL Summer School on Big Data Analytics
California Institute of Technology via Coursera Automated Visual Software Analytics
openHPI Software Architecture & Design
Georgia Institute of Technology via Udacity Software Architecture for the Internet of Things
EIT Digital via Coursera