Loading…
BSidesSF 2024 has ended
Saturday, May 4 • 3:30pm - 4:00pm
🎬 Snow Nor Rain Nor Dependency Confusion: How to Deliver the Right Package

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
While dependency confusion has been a known problem for years, most public discussions of it are theoretical. This talk will show you how we identified and exploited this vulnerability, and then fixed it at scale in a real-world package environment.
Speakers
JS

Jessica Smith

Security Engineer, Block
Jessica is a senior engineer on the red team at Block. Her interests include web app security, cryptography, identity, and supply chain security. Prior to Block, she was on the application security team at Disney. She has previously spoken at Red Team Summit. She loves Python almost... Read More →
avatar for Justin Engler

Justin Engler

Block
Justin has been breaking and fixing (but mostly breaking) applications for over 15 years at companies like Block (Square), iSEC Partners (NCC), and others. He has previously spoken at BHUSA, DEFCON, and other conferences.

Saturday May 4, 2024 3:30pm - 4:00pm PDT
AMC Theatre 14
  Security @ Scale  Presentation