Loading…
AppSec Israel 2016 has ended
Back To Schedule
Monday, September 19 • 11:45 - 12:30
Could a few lines of code < F!#c > it all up!

Log in to save this to your schedule, view media, leave feedback and see who's attending!

March 2016. An anonymous open source developer decides to remove his code (left-pad) from a public repository.
Shortly thereafter, several large organizations felt the impact of his actions. Facebook, AirBnB and others experienced errors impacting the functionality of their services. Packages using “left-pad” wouldn’t properly execute.
Today, we embrace both the open source community and the growth of open source projects, modules and packages but… Dependencies and recursive dependencies might become a risk or even a new attack vector which we didn’t foresee.
Could there be other cases of common and popular open source packages depending on open source modules that might not be there tomorrow or, even worse, could they be maliciously modified?

Join us for an insightful session that will reveal our research on this topic where you will learn:
• Which common open source packages might not be there tomorrow and how this can affect you?
• How packages you use could be maliciously modified impact on your app Discuss the risks introduced by hybrid application development
• How intertwined and complex dependencies have become
 

Speakers
avatar for Amit Ashbel

Amit Ashbel

Cyber Security Evangelist
Amit has been with the security community for more than a decade where he has taken on multiple tasks and responsibilities, including technical and Senior Product lead positions. Amit adds valuable product knowledge including experience with a wide range of security platforms and... Read More →
avatar for Erez Yalon

Erez Yalon

VP of Security Research, Checkmarx
Erez Yalon is the VP of Security Research at Checkmarx. Yalon oversees Checkmarx’s research group comprising analysts, pen testers, security engineers, and threat hunters. He brings vast experience to his position and his efforts to empower today’s developers and organizations... Read More →


Monday September 19, 2016 11:45 - 12:30 IDT
Room 10 - CS and Communications Building
  Track 2