Friday, May 12 • 12:25 - 13:10
Could a few lines of code F!#ck it all up!

Recently, an anonymous open source developer decided to remove his code (left-pad) from a public repository. Shortly thereafter, several large organizations felt the impact of his actions. Facebook, AirBnB and others experienced errors impacting the functionality of their services. Packages using “left-pad” wouldn’t properly execute.
Today, we embrace both the open source community and the growth of open source projects, modules and packages but… Dependencies and recursive dependencies might become a risk or even a new attack vector which we didn’t foresee. 
Could there be other cases of common and popular open source packages depending on open source modules that might not be there tomorrow or, even worse, could they be maliciously modified?

Join us and learn:
- Which common open source packages might not be there tomorrow and how this can affect you?
- How packages you use could be maliciously modified, and the impact on your app
- How intertwined and complex dependencies have become


Erez Yalon

Application Security Research Manager, Checkmarx
Erez heads the security research group at Checkmarx. With vast defender and attacker experience and as an independent security researcher, he brings invaluable knowledge and skills to the table. Erez is responsible for maintaining Checkmarx’s top-notch vulnerability detection t...

Friday May 12, 2017 12:25 - 13:10
Waterfront Center: Hall 2B
