The Various Shades of Supply Chain: SBOM, N-Days and Zero Trust | allinfosecnews.com

Oct. 4, 2023, 6:47 p.m. | Black Hat

Black Hat www.youtube.com

Over the past two years, attacks on multiple targets in the semiconductor industry have consistently led to leaks of firmware source code. A compromised developer device could potentially give an attacker access to the source code repository, adding a major gap in the security of the software supply chain. There are multiple policies in place to improve transparency in the firmware supply chain in general, but implementing and adopting them will take years. The technology industry is in the midst …

access attacker attacks code code repository compromised developer device firmware gap industry leaks led major repository sbom security semiconductor software software supply chain source code supply supply chain trust zero trust

More from www.youtube.com / Black Hat

Startup Spotlight Competition at Black Hat 1 week ago | www.youtube.com

bhusa blackhat cybersecurity infosec +1

Locknote: Conclusions and Key Takeaways from Day 2 3 weeks, 5 days ago | www.youtube.com

black hat black hat europe board board members +15

Locknote: Conclusions and Key Takeaways from Day 1 3 weeks, 5 days ago | www.youtube.com

black hat black hat europe board board members +16

Keynote: My Lessons from the Uber Case 3 weeks, 5 days ago | www.youtube.com

addition best practices case convicted +16

Keynote: Industrialising Cyber Defence in an Asymmetric World 3 weeks, 6 days ago | www.youtube.com

adversaries challenge cyber cyber defence +10

The Black Hat Europe Network Operations Center (NOC) Report 3 weeks, 6 days ago | www.youtube.com

back black hat black hat europe center +14

My Invisible Adversary: Burnout 1 month ago | www.youtube.com

adversary attackers attacks burnout +11

The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility 1 month ago | www.youtube.com

analysis ask bad codeql +10

A World-View of IP Spoofing in L4 Volumetric DoS Attacks - and a Call to … 1 month ago | www.youtube.com

attacks call cloudflare detection +10

Offensive Security Engineering Technical Lead, Device Security

@ Google | Amsterdam, Netherlands

View on infosec-jobs.com

Senior Security Engineering Program Manager

@ Microsoft | Redmond, Washington, United States

View on infosec-jobs.com

Information System Security Analyst

@ Resource Management Concepts, Inc. | Dahlgren, Virginia, United States

View on infosec-jobs.com

Critical Facility Security Officer - Evening Shift

@ Allied Universal | Charlotte, NC, United States

View on infosec-jobs.com

Information System Security Officer, Junior

@ Resource Management Concepts, Inc. | Patuxent River, Maryland, United States

View on infosec-jobs.com

Security Engineer

@ JPMorgan Chase & Co. | Plano, TX, United States

View on infosec-jobs.com