Devconf.cz 2023

We have gone through a drastic shift in how we build software, no longer are our applications stand-alone monoliths, they are now a collection of thousands of different modules and building blocks. This has enabled us to innovate at an unimaginable pace but at the cost of security. These building blocks include frameworks, open-source libraries, SaaS platforms, and cloud infrastructure. In this talk, we will examine the anatomy of recent supply chain attacks to show how hackers are targeting vulnerabilities that are at the core of how we build modern software. This will mean examining how open source libraries are being turned malicious, how attackers are able to break into our systems, and why credentials to our infrastructure are leaking all over the internet. The goal of the talk will then be to provide actionable steps on how we can build secure applications on an insecure internet and take back control of our security.