Loading…
The date for the release of slides and videos has not been determined.  
Please, visit the event site for further information.
Thanks
Back To Schedule
Wednesday, May 29 • 1:30pm - 2:00pm
Rhyming with Hacks - the Ballad of Supply Chain Attacks

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
2018 was big on Supply Chain Attacks (SCA), with big e-commerce companies such as British Airways or Ticketmaster being targeted. The cyber criminal groups behind some of these attacks are referred to as Magecart.    During this talk, we'll present SCAs, how they work and how they scale. We’ll go through the anatomy of these attacks and see if and how they can be prevented or mitigated. We’ll discuss the effectiveness of existing solutions like Content Security Policy or Subresource Integrity.    We’ll take a deeper look into one real-life SCA, by going through the attacking code and understanding what it does.    We’ll then present a new approach that we’ve been working on that is based on DOM real-time monitoring. We'll do a live demo of our solution defending against the real-life SCA presented before. Its merit in detecting and mitigating this and other SCA attacks will be discussed.

Speakers
avatar for Pedro Fortuna

Pedro Fortuna

CTO, Jscrambler
Pedro Fortuna is CTO and Co-Founder of Jscrambler where he leads the technical vision for the product suite and contributes with his cybersecurity knowledge for R&D. Pedro holds a degree in Computing Engineering and a MSc in Computer Networks and Services, having more than a decade... Read More →


Wednesday May 29, 2019 1:30pm - 2:00pm IDT
Hall B