Loading…
AppSec Israel 2016 has ended
Monday, September 19 • 11:45 - 12:30
Could a few lines of code < F!#c > it all up!

Log in to save this to your schedule and see who's attending!

March 2016. An anonymous open source developer decides to remove his code (left-pad) from a public repository.
Shortly thereafter, several large organizations felt the impact of his actions. Facebook, AirBnB and others experienced errors impacting the functionality of their services. Packages using “left-pad” wouldn’t properly execute.
Today, we embrace both the open source community and the growth of open source projects, modules and packages but… Dependencies and recursive dependencies might become a risk or even a new attack vector which we didn’t foresee.
Could there be other cases of common and popular open source packages depending on open source modules that might not be there tomorrow or, even worse, could they be maliciously modified?

Join us for an insightful session that will reveal our research on this topic where you will learn:
• Which common open source packages might not be there tomorrow and how this can affect you?
• How packages you use could be maliciously modified impact on your app Discuss the risks introduced by hybrid application development
• How intertwined and complex dependencies have become
 

Speakers
avatar for Amit Ashbel

Amit Ashbel

Cyber Security Evangelist
Amit has been with the security community for more than a decade where he has taken on multiple tasks and responsibilities, including technical and Senior Product lead positions. Amit adds valuable product knowledge including experience with a wide range of security platforms and... Read More →
avatar for Erez Yalon

Erez Yalon

AppSec Research Group Manager, Checkmarx


Monday September 19, 2016 11:45 - 12:30
Room 10 - CS and Communications Building