Abstract
Software Supply Chain Security: No Kill Switch Yet
Supply chain security is a complex problem to solve in the real world. Numerous software packages with notable features are available free of cost. The scary part is that they come with unforeseen hidden baggage: security vulnerabilities and supply chain security and trust issues. A few hacks from the past year: Faker.js, Color.js, log4j, etc. This presentation aims to raise awareness of the problems and challenges, from a security point of view, of relying heavily on open source solutions. We will discuss some methods to tackle these new kinds of security vulnerabilities.
Senior Security Architect
Rewanth Tammana is a security ninja, open-source contributor, and an independent consultant. He was previously a Senior Security Architect at Emirates NBD (National Bank of Dubai). He is passionate about DevSecOps, Cloud, and Container Security. He added 17,000+ lines of code to Nmap (famous as the Swiss Army knife of network utilities). He holds industry certifications like CKS (Certified Kubernetes Security Specialist), CKA (Certified Kubernetes Administrator), etc. Rewanth speaks and delivers training at multiple international security conferences around the world, including Black Hat, Defcon, Hack In The Box (Dubai and Amsterdam), CRESTCon UK, PHDays, Nullcon, BSides, CISO Platform, null chapters and multiple others. He was recognized as one of the MVP researchers on Bugcrowd (2018) and identified vulnerabilities in several organizations. He also published an IEEE research paper on an offensive attack in Machine Learning and Security. He was also a part of the renowned Google Summer of Code program.