Attack on NPM Supply Chain
DevOps
About
In 2022, supply chain attacks on open source software skyrocketed by 600%, using popular libraries and tools as vectors. With 2.1 trillion packages downloaded in the last year, NPM has become the preferred target of this kind of attack. We will see the clever techniques and the subtle weaknesses attackers exploit to let malicious packages compromise our applications. Moreover, we will learn:
- what kind of risks we are exposed to
- how to mitigate them
- some notable supply chain attacks that hit the news

Warning: after the talk you will not launch an npm install without fear again.
Language
English
Level
Intermediate
Length
33 minutes
Type
conference
About the speaker
Alessandro Miliucci