Can SIGSTORE and Code Signing Save Us from Supply Chain Hacks
So, from Notpetya in 2017 to SolarWinds in 2020, one thing that we can all agree on is that the most devastating cyber-attacks have originated from the supply chain hacks. Supply chain hacks are scary for several reasons. To start with, they do not require the use of commonly guarded attack vectors such as phishing, compromised credentials, or misconfiguration to get a foot in the door. They are pervasive because the malware and the backdoor exist inside a code that looks and feel legit. And finally, there is no way to absolutely positively stop them. Why? Because no matter how big of a software shop you are, you didn’t write ALL of your code. Virtually every code contains dependencies in the form of external libraries and not only you implicitly trust your software vendors, their vendors, and so on as well. So, in this video, I want to deep dive into code signing, discuss the available software such as Sigstore, show you how it works, and finally share my thoughts on it that’s sufficient to prevent the supply chain hacks or not.
★★ CISCO AND DEVNET CERTIFICATIONS LEARNING MATERIAL ★★
https://cciein8weeks.com
https://fullstacknetworker.com
★★ WHO AM I ★★
https://bit.ly/3qZsCLm
twitter.com/AfaqMKhan
Видео Can SIGSTORE and Code Signing Save Us from Supply Chain Hacks канала Technology Leadership
★★ CISCO AND DEVNET CERTIFICATIONS LEARNING MATERIAL ★★
https://cciein8weeks.com
https://fullstacknetworker.com
★★ WHO AM I ★★
https://bit.ly/3qZsCLm
twitter.com/AfaqMKhan
Видео Can SIGSTORE and Code Signing Save Us from Supply Chain Hacks канала Technology Leadership
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![Career in Network Automation: Must-Have Security Fundamentals Knowledge for the NetDevOps](https://i.ytimg.com/vi/5H3cNUo2lWw/default.jpg)
![Career in Network Automation: 10 Domains of Knowledge for Network Automation Engineering (Part 1)](https://i.ytimg.com/vi/wjs5nfJc2gE/default.jpg)
![The Shifting Landscape of Ransomware Attacks](https://i.ytimg.com/vi/XYJQLX0W-7Q/default.jpg)
![Biden Putin Summit 2021 And the Future of Cybersecurity](https://i.ytimg.com/vi/iFfXIjWlWmI/default.jpg)
![Career in Network Automation: 10 Domains of Knowledge for Network Automation Engineering (Part 4)](https://i.ytimg.com/vi/FfIWh7WxLTQ/default.jpg)
![#SolarWinds Orion Hack for #Cyber Professionals: What Happened & How to Address Supply-Chain Attacks](https://i.ytimg.com/vi/Un1qbm3oTD8/default.jpg)
![What to Do if You Get Hit By a Ransomware Attack](https://i.ytimg.com/vi/Zbh-4lWII3g/default.jpg)
![Career in Network Automation: 10 Domains of Knowledge for Network Automation Engineering (Part 3)](https://i.ytimg.com/vi/7ZpmKgkNzig/default.jpg)
![Why Okta Hack is a Big Deal: What You Need to Know](https://i.ytimg.com/vi/75aJWA0pxCw/default.jpg)
![Career in Network Automation: 10 Domains of Knowledge for Network Automation Engineering (Part 2)](https://i.ytimg.com/vi/ssSgdUUXbTw/default.jpg)
![Zero Trust Security Model Explained](https://i.ytimg.com/vi/jWRuoaaIZiU/default.jpg)
![What We can Learn from KASEYA Ransomware Attack](https://i.ytimg.com/vi/NoGh1eO0e_U/default.jpg)
![Why #SolarWinds #Hack is a Big Deal for the #Cybersecurity industry](https://i.ytimg.com/vi/tbNyMInjBQI/default.jpg)
![Career in Network Automation: NAE, NETDEVOPS, NRE Job Roles Explained](https://i.ytimg.com/vi/gwkprYh8p1o/default.jpg)
![Cloud is the New IT Platform: The Incoming Multi-Cloud Networking Boom](https://i.ytimg.com/vi/qDwnSo99XLg/default.jpg)
![Cyber Security Basic Terms and Concepts for Beginners (Part 2)](https://i.ytimg.com/vi/axHyZ1bWq58/default.jpg)
![The Holy Grail of Spyware: The Pegasus and NSO Group Explained](https://i.ytimg.com/vi/4IsqLqL1zGg/default.jpg)
![Is Multicloud Networking Market a Hype: What You Need to Know](https://i.ytimg.com/vi/DY_DzdD-uiU/default.jpg)
![Network Automation with Python Libraries Netmiko, Napalm, and Nornir](https://i.ytimg.com/vi/3L5KbuEDl0E/default.jpg)
![Career in Network Automation: Must-Have Linux OS Fundamentals Knowledge for the NetDevOps](https://i.ytimg.com/vi/sZUBmwZ66o8/default.jpg)