你的流量不会说谎：通过应用程序行为揭露供应链攻击.pdf

《你的流量不会说谎：通过应用程序行为揭露供应链攻击.pdf》由会员分享，可在线阅读，更多相关《你的流量不会说谎：通过应用程序行为揭露供应链攻击.pdf（66页珍藏版）》请在三个皮匠报告上搜索。

1、#BHUSA BlackHatEventsYour Traffic Doesnt Lie:Unmasking Supply Chain Your Traffic Doesnt Lie:Unmasking Supply Chain Attacks via Application BehaviourAttacks via Application BehaviourColin Estep,Dagmawi MulugetaNetskope Threat Labs#BHUSA BlackHatEventsLinkedIn:colinestepIntrosLinkedIn:dmulugeta#BHUSA

2、BlackHatEvents First incident as a vendor Provided motivation for this research SolarWinds Compromise#BHUSA BlackHatEventsWhats out there todaySCMDistributionDependencyCI/CDUseModifyDeveloperArtifactProcessSource:https:/.au/content/security/article/anatomy-of-a-supply-chain-software-attack-440028396

3、#BHUSA BlackHatEventsWhats out there todaySCMDistributionDependencyCI/CDUseCompromiseDeveloperArtifactProcessSource:https:/.au/content/security/article/anatomy-of-a-supply-chain-software-attack-440028396#BHUSA BlackHatEventsWhats out there todaySCMDistributionDependencyCI/CDUseModifyDeveloperArtifac

4、tProcessSource:https:/.au/content/security/article/anatomy-of-a-supply-chain-software-attack-440028396#BHUSA BlackHatEventsWhats out there todaySCMDistributionDependencyCI/CDUseCompromiseDeveloperArtifactProcessSource:https:/.au/content/security/article/anatomy-of-a-supply-chain-software-attack-4400

5、28396#BHUSA BlackHatEventsWhats out there todaySCMDistributionDependencyCI/CDUseBypass DeveloperArtifactProcessSource:https:/.au/content/security/article/anatomy-of-a-supply-chain-software-attack-440028396#BHUSA BlackHatEventsWhats out there todaySCMDistributionDependencyCI/CDUseCompromiseDeveloperA

6、rtifactProcessSource:https:/.au/content/security/article/anatomy-of-a-supply-chain-software-attack-440028396#BHUSA BlackHatEventsWhats out there todaySCMDistributionDependencyCI/CDUseSwapDeveloperArtifactProcessSource:https:/.au/content/security/article/anatomy-of-a-supply-chain-software-attack-4400