OWASP Bay Area chapter February meetup

Schedule

Wed Feb 08 2023 at 05:30 pm to 08:00 pm

Location

GitHub | San Francisco, CA

The OWASP Bay Area chapter meetup, hosted by GitHub, is a great occasion to connect with other security researchers, developers and managers.
About this Event

Agenda:

5:00 - Check in, grab some food/drinks and network

5:45 - Introductions & free security features on GitHub

6:00 - 6:45 - Building trust in your container supply chain

6:45 - 7:30 - Every risk is not a CVE: Bolster up against software supply chain attacks

7:30 - Networking 

8:00 - Conclusion  


About the Sessions

Talk#1: Building trust in your container supply chain

Speakers: 

Sai Santosh Vernekar | Senior Information Security Analyst, Kohl’s

Swarup Natukula | Senior Information Security Analyst, Kohl’s

Applications are made up of software components. The supply chain is at the heart of developing, delivering, maintaining, and scaling applications. It is critical to understand the risk in each component in order to safeguard the supply chain. End-to-end security is critical to mitigating the risks associated with open source software, regardless of the application that is being created.


In this talk, we will look at the challenges associated with the "Container" supply chain, as well as some of the technology, processes, and tools that you can use to create confidence in your container supply chain.


Talk#2: Every risk is not a CVE: Bolster up against software supply chain attacks

Speaker: Varun Badhwar, Founder/CEO of Endor Labs

3rd party and open source software components are both desired and indispensable ingredients used throughout the development lifecycle, but their consumption comes with considerable security risks, both for the developer herself and her downstream users. The rise of corresponding security incidents demonstrates that adversaries discovered those attack vectors as a viable and scalable attack pattern. 

We will present a comprehensive, comprehensible and technology-agnostic taxonomy of attack vectors, created on the basis of hundreds of real-world incidents, and validated by experts in the domain. An interactive visualization of this taxonomy, available as open source itself, will be demoed throughout the talk to explain different techniques at the disposal of attackers, supported by real-world examples. Following that, we will discuss the types of defenses you can put in place to detect and respond to such modern-day attacks.

Looking forward to connecting at the Security Meetup!


Where is it happening?

GitHub, 88 Colin P Kelly Junior Street, San Francisco, United States

Tickets

USD 0.00

Host or Publisher prashant
