im in ur scm, bein a ninja
2014-11-05 12:45

A few months ago I posted a high-level overview of some source code repository tampering risks.

The other day I presented a much deeper dive at BSides DC, with examples of multiple ways to manipulate CVS, Git, and Subversion repositories, and some thoughts on how companies and code-hosting sites could/should harden their infrastructures.

Watch the presentation, or download the slides. (PDF warning)

Watch for future blog posts that extract and expand upon some of those examples.

Thanks to the BSidesDC folks for a great conference, and to ComputeCycle for the recordings!

