The Enemy Within: Modern Supply Chain Attacks

Presented at Black Hat USA 2019, Aug. 8, 2019, 9:45 a.m. (50 minutes).

I'm in your supply chain, and you're probably in mine. Our increasingly interconnected infrastructure leaves us all vulnerable. With hundreds of millions of devices and millions of enterprises betting on the cloud, we see sophisticated attacks every day. Hardware, software, and service-based attacks, good and bad engagements with suppliers and partners – we've seen it all.

Go behind the scenes and learn about previously undisclosed supply chain attacks – from the techniques and objectives of adversaries, the mechanisms that were effective in blunting their attacks, and the sometimes-comical challenges dealing with our most complex asset to defend… developers.

It's a statistical certainty, everyone will eventually be a victim of a supply chain compromise. Whether you're in SecOps or App Development, you'll leave this presentation with practical guidance on how to defend against supply chain attacks and harden your systems. Prevention is important, but how you respond when you get owned is the true test of character. Are you up to the challenge?


Presenters:

  • Eric Doerr - General Manager, Microsoft Security Response Center
    Eric Doerr currently leads the security response team at Microsoft - the front line defense for millions of customers around the world who use Microsoft platforms and products. If you are hosted on Azure, use Windows, Office and more - Doerr's team is there to protect you.

Links:

Similar Presentations: