Tinus
I am the Head of Consultancy at MWR and have a passion for deeply understanding how things work, taking them apart, and sometimes being able to put them back together.
Session
12-07
13:15
45min
Dependable Red Teaming by using Confusion
Tinus
Dependency Confusion, a DevOps supply chain attack path discovered in 2021, hasn't really gotten the attention that it deserves. This is mainly due to a misunderstanding of how large the attack surface can be. In this talk, we will show how dependency confusion can be exploited to not just attack the pipeline, but covertly gain full access to PROD!
Track 2