NY State-Licensed Certificates in Design, Coding & AI — Online
Learn Backend Development Part-Time, Online
Overview
AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Explore the tactics, techniques, and procedures (TTPs) of attacks on open-source software in Python during this comprehensive conference talk from Conf42 DevSecOps 2023. Delve into the importance of supply chain security, tracing the history of attacks and examining common TTPs. Witness live demonstrations of starjacking, installation and delivery methods, as well as exfiltration and command and control techniques. Learn about effective defense strategies to protect against these threats. Gain valuable insights into securing Python packages and enhancing overall software supply chain security.
Syllabus
intro
preamble
disclaimer
contents
why this topic is important?
history of supply-chain attacks
ttps in supply-chain attacks
starjacking demo
installation & delivery
- demo
exfiltration and c2
- demo
defences
credits and references
thank you!
Taught by
Conf42