Name: A Fun Story About A Software Supply Chain Calamity: the UA-Parser Saga
Start: 2024-10-25T13:00:00-0500
End: 2024-10-25T13:50:00-0500

Friday October 25, 2024 1:00pm - 1:50pm CDT

Promon Room (Cypress)

4.2 million people use the UA-Parser javascript library according to github, and it is key to 2000+ downstream projects per NPM. Right before Halloween a "Security Issue" thread was created including the warning "I can't seem to unpublish the compromised versions". This lighthearted talk will discuss the UA-Parser compromise, response, and how to detect whether it's GroundHog Day and your app is including a polluted library, UA Parser or otherwise.

Speakers

Andy Lewis

Solutions Architect and Honeybee Wrangler, ReversingLabs

Andy is a Solutions Architect and Honeybee Wrangler with ReversingLabs, a Startup that's tackling Software Supply Chain Security head-on. Founder of Denver OWASP, Boulder OWASP, and co-founder of the SnowFROC AppSec conference.

Friday October 25, 2024 1:00pm - 1:50pm CDT
Promon Room (Cypress) 2525 West Anderson Lane #365, Austin, TX, USA

LASCON 2024

Andy Lewis

Attendees (3)

LASCON 2024

Andy Lewis

Attendees (3)

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!