Session

Your Dependencies Are Already Compromised: A practical guide to securing your software supply chain

Every day, millions of developers run npm install without a second thought. It is muscle memory. It is fast. It is how modern software gets built. And it is increasingly how attackers get in.

Software supply chain attacks have become one of the most effective and most underreported attack vectors in the industry. Not because they are sophisticated, but because we have built our entire development workflow around trusting code we did not write, from people we have never met, installed automatically by tools we barely configure.

This session is not a theoretical warning. It is a live demonstration of how a single malicious npm package silently exfiltrates your CI secrets, your cloud credentials, and your deployment tokens, while your pipeline stays green and nobody notices.

And then it is a practical, immediately actionable playbook for fixing it.

Florian Lenz

Microsoft Azure MVP & Cloud Architect | Helping Engineers & Organizations Build Secure, Scalable Cloud Platforms | Speaker | Author | DevSecOps & Software Architecture

Köln, Germany
