OWASP Bay Area chapter February meetup
Schedule
Wed Feb 08 2023 at 05:30 pm to 08:00 pm
Location
GitHub | San Francisco, CA
About this Event
Agenda:
5:00 - Check in, grab some food/drinks and network
5:45 - Introductions & free security features on GitHub
6:00 - 6:45 - Building trust in your container supply chain
6:45 - 7:30 - Every risk is not a CVE: Bolster up against software supply chain attacks
7:30 - Networking
8:00 - Conclusion
About the Sessions
Talk#1: Building trust in your container supply chain
Speakers:
Sai Santosh Vernekar | Senior Information Security Analyst, Kohl’s
Swarup Natukula | Senior Information Security Analyst, Kohl’s
Applications are made up of software components. The supply chain is at the heart of developing, delivering, maintaining, and scaling applications. It is critical to understand the risk in each component in order to safeguard the supply chain. End-to-end security is critical to mitigating the risks associated with open source software, regardless of the application that is being created.
In this talk, we will look at the challenges associated with the "Container" supply chain, as well as some of the technology, processes, and tools that you can use to create confidence in your container supply chain.
Talk#2: Every risk is not a CVE: Bolster up against software supply chain attacks
Speaker: Varun Badhwar, Founder/CEO of Endor Labs
3rd party and open source software components are both desired and indispensable ingredients used throughout the development lifecycle, but their consumption comes with considerable security risks, both for the developer herself and her downstream users. The rise of corresponding security incidents demonstrates that adversaries discovered those attack vectors as a viable and scalable attack pattern.
We will present a comprehensive, comprehensible and technology-agnostic taxonomy of attack vectors, created on the basis of hundreds of real-world incidents, and validated by experts in the domain. An interactive visualization of this taxonomy, available as open source itself, will be demoed throughout the talk to explain different techniques at the disposal of attackers, supported by real-world examples. Following, we will discuss the types of defenses you can put in place to detect and respond to such modern-day attacks.
Looking forward to connecting at the Security Meetup!
Where is it happening?
GitHub, 88 Colin P Kelly Junior Street, San Francisco, United States
USD 0.00