Nullcon Berlin 2023 | SCCI: The Road To Side-Channel Regression Testing In CI Development by Witold
Abstract:
---------------
Side-channel attacks are easily mistaken for being highly implementation-specific and thus unsuitable as tests. I'll show that, given some thought and engineering, side-channel regression testing is not only viable but also integrates quite well with a standard continuous integration development process.
I'll present a case study with live side-channel regression testing using GitHub actions CI. Countermeasures and regression tests will be implemented for sample attacks, preventing the vulnerabilities from being re-introduced into the code.
#sidechannelattack #Infosec #NullconBerlin
------------------------------------------------------------------------------------------
Follow nullcon on Facebook: https://www.facebook.com/nullcon
Twitter: https://twitter.com/nullcon
LinkedIn: http://linkedin.com/company/nullcon/
Website: https://nullcon.net
Видео Nullcon Berlin 2023 | SCCI: The Road To Side-Channel Regression Testing In CI Development by Witold канала nullcon
---------------
Side-channel attacks are easily mistaken for being highly implementation-specific and thus unsuitable as tests. I'll show that, given some thought and engineering, side-channel regression testing is not only viable but also integrates quite well with a standard continuous integration development process.
I'll present a case study with live side-channel regression testing using GitHub actions CI. Countermeasures and regression tests will be implemented for sample attacks, preventing the vulnerabilities from being re-introduced into the code.
#sidechannelattack #Infosec #NullconBerlin
------------------------------------------------------------------------------------------
Follow nullcon on Facebook: https://www.facebook.com/nullcon
Twitter: https://twitter.com/nullcon
LinkedIn: http://linkedin.com/company/nullcon/
Website: https://nullcon.net
Видео Nullcon Berlin 2023 | SCCI: The Road To Side-Channel Regression Testing In CI Development by Witold канала nullcon
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![Tech Startups/Businesses and Infonomics | CXO Panel | Nullcon Security Conference March 2021](https://i.ytimg.com/vi/a9593s0TKLQ/default.jpg)
![Nullcon Berlin 2023 | Not So Famous Attack Vectors In The World Of Smart Contract Security!](https://i.ytimg.com/vi/C6A2kM1E3CM/default.jpg)
![Saikat Datta at NULLCON | #Nullcon2020 Diary](https://i.ytimg.com/vi/geqYJBdEWrg/default.jpg)
![AI vs. Pandemic by Sneha Banerjee | Winja Talks 2021](https://i.ytimg.com/vi/13N9YNjw5EQ/default.jpg)
![CXO Panel | Securing India The CERTIn Way | Nullcon Goa 2022](https://i.ytimg.com/vi/eMiS4bzq6lA/default.jpg)
![nullcon Goa 2017 - DevOpSec: Rapid Security In The AWS Cloud by Mikhail Advani and Rajesh Tamhane](https://i.ytimg.com/vi/8irWvs51sok/default.jpg)
![Nullcon Goa 2021 is back in Town](https://i.ytimg.com/vi/k00jPn8u1RY/default.jpg)
![Cloud Security Posture Management & Threat Protection | Suman & Sakaldeep | Nullcon Webinars 2022](https://i.ytimg.com/vi/7IvIR4pCakA/default.jpg)
![Nullcon Goa 2023 | Uncovering Azure's Silent Threats: A Journey Into Cloud Vulnerabilities by Nitesh](https://i.ytimg.com/vi/tv8tei97Sv8/default.jpg)
![Bhadra framework: Threat modeling for mobile communication systems by Sid Rao | Nullcon Webinar 2021](https://i.ytimg.com/vi/d6iDpHKvX2s/default.jpg)
![nullcon Goa 2014: Flowinspect A Network Inspection Tool by Ankur Tyagi @7h3rAm](https://i.ytimg.com/vi/E4YptOJzVXQ/default.jpg)
![nullcon Goa 2015: The NSA Playset RF Retroreflectors by Michael Ossmann](https://i.ytimg.com/vi/a4_PvN_A1ts/default.jpg)
![Reversing and De-Obfuscating Malware with Software Emulation | Nullcon Webinar 2022](https://i.ytimg.com/vi/-kLhxX-J7gE/default.jpg)
![nullcon Goa 2018 - Talk with Experts](https://i.ytimg.com/vi/6KJz50KImJw/default.jpg)
![macOS Security Features Bypasses by Example | Jonathan Bar Or (JBO) | Nullcon Webinars 2022](https://i.ytimg.com/vi/xolJTvB5hpA/default.jpg)
![nullcon Goa 2017 - CXO Panel 'Digital Warriors: India And The Future Of Conflict On The Internet'](https://i.ytimg.com/vi/JI5qzlyqIZI/default.jpg)
![What is Cyber Threat Intelligence | Rishika Desai | Winja Unplugged](https://i.ytimg.com/vi/6Xa-TlRCV3Y/default.jpg)
![Securing the Human Factor | CXO Panel Discussion | NULLCON Goa 2020](https://i.ytimg.com/vi/FDt7v0oMfd4/default.jpg)
![Taking the guess out of Glitching! | Adam Laurie | NULLCON Goa 2020](https://i.ytimg.com/vi/eOuUBPOSn0Y/default.jpg)
![A Kernel Hacker Meets Fuchsia OS | Alexander Popov | Nullcon Goa 2022](https://i.ytimg.com/vi/TZz-cbPp2uc/default.jpg)
![Threat Research & Fortnite Scams | Ben Herzberg | nullcon Interviews](https://i.ytimg.com/vi/YTt9rYfCyco/default.jpg)