🧪 Experimental Feature

Focus Areas are an experimental feature that groups related content by tags. This page and its functionality may change as we refine the categorization system.

Software Supply Chain Security

Security of software supply chains, including dependency management, SBOM, SCA, and third-party risk management

Total Entries: 23, Contributors: 27, Unique Tags: 40, Related Tags: 22

Top Contributors

Gaurav Joshi (3), Hare Krishna Rai (3), Akhil Mahendra (2), Hritik Vijay (2), K v Prashant (2)


All Entries (23 total, sorted by date)

| Date | Type | Conference | Title | Speaker(s) | Tags |
|---|---|---|---|---|---|
| 2025-08-06 | Talk | Blackhat | When ‘Changed Files’ Changed Everything: Uncovering and Responding to the tj-actions Supply Chain Breach | Varun Sharma, Ashish Kurmi | ci-cd, incident-response, devsecops, +3 |
| 2025-08-06 | Tool demo | Blackhat | Varunastra: Securing the Depths of Docker V2 (Source Code) | Devang Solanki | container-security, docker, static-analysis, +4 |
| 2025-04-30 | Talk | Rsac | Got Supply Pain? A Real-World Approach to Supply Chain SDL | Mohit Arora | secure-development, devsecops, vulnerability-management, +5 |
| 2025-04-03 | Talk | Blackhat | Determining Exploitability of Vulnerabilities with SBOM and VEX (Presentation) | Anusha Penumacha, Srinija Kammari | sbom, supply-chain, sca, +2 |
| 2025-04-03 | Tool demo | Blackhat | SCAGoat - Exploiting Damn Vulnerable and Compromised SCA Application (Source Code) | Hare Krishna Rai, Gaurav Joshi, K v Prashant | vulnerability-management, supply-chain, supply-chain-attack, +2 |
| 2025-04-03 | Tool demo | Blackhat | SupplyShield: Protecting your software supply chain (Source Code) | Yadhu Krishna M, Akhil Mahendra, Hritik Vijay | supply-chain, sbom, sca, +2 |
| 2024-12-11 | Tool demo | Blackhat | SCAGoat - Exploiting Damn Vulnerable SCA Application (Source Code) | Hare Krishna Rai, Gaurav Joshi, K v Prashant | vulnerability-management, supply-chain, sca, +1 |
| 2024-11-27 | Talk | Blackhat | Generative AI in Supply Chain Security: Enhancing Container Protection Amid Regulatory Challenges | Syed Aamiruddin | ai-security, supply-chain, supply-chain-security, +1 |
| 2024-11-27 | Tool demo | Blackhat | Varunastra: Securing the Depths of Docker (Source Code) | Kunal Aggarwal | container-security, docker, pentesting, +3 |
| 2024-11-16 | Talk | C0c0n | We got the Shiny SBoM; what next? (Presentation) | Anant Shrivastava | sbom, supply-chain, software-bill-of-materials |
| 2024-11-15 | Talk | C0c0n | [Yodha] SCAGoat - Software Composition Analysis (SCA) Vulnerability Exploration Tool (Source Code) | Gaurav Joshi, Hare Krishna Rai | vulnerability-management, supply-chain, sca, +1 |
| 2023-12-06 | Tool demo | Blackhat | SupplyShield: Protecting your software supply chain (Source Code) | Akhil Mahendra, Hritik Vijay | aws, supply-chain, sbom, +2 |
| 2023-09-29 | Talk | Hackinparis | A Tale of Credential Leak of a Popular Cloud Threat Actor | Nitesh Surana | container-security, docker, threat-hunting, +1 |
| 2023-09-28 | Talk | Hackinparis | How to have visibility and security OF CICD ecosystem | Pramod Rana | cicd-security, devsecops, vulnerability-management, +6 |
| 2023-08-06 | Talk | C0c0n | Taking a Closer Look at CI/CD Pipeline Logs: Extracting Security-Related Information with Build Inspector (Video) | Anshu Kumar, Pavan Sorab | devsecops, ci-cd, cicd-pipeline, +3 |
| 2022-09-08 | Talk | Nullcon | Hack the Source: Securing Open Source Software – One bug at a time (Video) | Sandeep Singh | open-source-security, supply-chain, vulnerability-management |
| 2022-09-07 | Talk | Nullcon | Unearthing Malicious And Other “Risky” Open-Source Packages Using Packj (Presentation, Video) | Devdutt Patnaik | open-source-security, supply-chain, supply-chain-attack, +3 |
| 2022-05-12 | Tool demo | Blackhat | Mitigating Open Source Software Supply Chain Attacks (Source Code) | Ajinkya Rajput | open-source-security, supply-chain, supply-chain-attack, +3 |
| 2021-11-13 | Talk | C0c0n | Third Party Risk Management | Mahesh Kalyanaraman | risk-management, compliance-governance, vulnerability-management, +3 |
| 2021-11-12 | Talk | C0c0n | 2021 Supply Chain Attacks Analysis | Ajit Hatti | vulnerability-management, incident-response, risk-management, +2 |
| 2019-09-27 | Talk | C0c0n | Security @scale for startups | Shivanath Somanathan | devsecops, secure-development, software-security, +2 |
| 2018-08-10 | Talk | Defcon | AN OSINT APPROACH TO THIRD PARTY CLOUD SERVICE PROVIDER EVALUATION (Presentation, Video) | Lokesh Pidawekar | third-party-risk-management, cloud-security, vulnerability-management, +2 |
| 2015-09-24 | Talk | App Sec Usa | QARK: Android App Exploit and SCA Tool (Video) | Tushar Dalvi | android-security, sca, software-composition-analysis |