Broken Links: Emergence and Future of Software-Supply Chain Compromises

Presented at Black Hat Europe 2018, Dec. 6, 2018, 9 a.m. (30 minutes)

The last two years have been filled with high-profile enterprise security incidents that shared a common origin: breach of a trusted software provider. In truth, supply chain attacks have played a key role in numerous targeted and opportunistic attacks - many of which flew under the radar - for years. This presentation examines the emergence of software supply chain compromises, the factors incentivizing attackers to adopt this approach, and practical approaches to risk mitigation and defense that enterprises can take in response.


Presenters:

  • Ryan Kazanciyan - Chief Product Officer, Tanium
    In his role as Chief Product Officer, Ryan Kazanciyan sets the strategy and roadmap for Tanium's product offerings. Ryan brings more than 15 years of experience in security architecture, incident response, and security assessment and compliance. He previously served as Tanium's Chief Security Architect, where he focused on the company's Threat Response solution and led the Endpoint Detection and Response (EDR) team. Prior to joining Tanium, Ryan oversaw investigation and remediation efforts at Mandiant, partnering with dozens of Fortune 500 organizations affected by targeted attacks. Ryan has trained hundreds of security practitioners as an instructor for Black Hat and the FBI's cyber squad, and is a contributing author for "Incident Response and Computer Forensics 3rd Edition" (McGraw-Hill, 2014). Ryan also worked as a technical consultant for the television series "Mr. Robot," where he collaborated with the writers and production team to design the hacks depicted in the show.
