im in ur scm, bein a ninja | 2014-11-05 12:45 |
A few months ago I posted a high-level overview of some source code repository tampering risks.
The other day I presented a much deeper dive at BSides DC, with examples of multiple ways to manipulate CVS, Git, and Subversion repositories, and some thoughts on how companies and code-hosting sites could/should harden their infrastructures.
Watch the presentation, or download the slides. (PDF warning)
Watch for future blog posts that extract and expand upon some of those examples.
Thanks to the BSidesDC folks for a great conference, and to ComputeCycle for the recordings!
Posted by Hank at: 12:45