Todor Todorov
Senior Software Engineer, Payhawk
BIOGRAPHY
I am a senior software engineer with more than 15 years of experience in creating distributed cloud enterprise systems. I have worked on critical platforms, used by millions of people every day for work. I am a tech geek, cybersecurity enthusiast and public speaker. All my past and future speaking engagements can be seen here. I am active on Twitter here.
Supply Chain Shenanigans: Evil npm & Shady NuGet
Supply chain attacks pose a significant threat to software development, with npm and NuGet being prime targets for malicious actors. This session explores the world of supply chain shenanigans, uncovering the techniques used by attackers to compromise npm and NuGet packages. From npm substitution attacks to npm lock file injection, dependency confusion, repository proxying issues, and typo-squatting, we delve into the dark underbelly of package management. Through real-world case studies, we analyze the devastating consequences of these attacks on software integrity and security.
But fear not! This session provides practical insights and actionable strategies to fortify defenses against supply chain antics. Join us as we navigate the treacherous waters of npm and NuGet attacks, unveiling vulnerabilities and sharing best practices for prevention. Whether you’re a developer, security professional, or a concerned stakeholder, this session equips you with the knowledge and tools to safeguard your software supply chain. Let’s fight back against these shenanigans and protect our code!