Submitted on 23 Feb 2024

Security CPE


Video and audio media that count towards your CPE (Continuing Professional Education) requirements for GIAC, CISSP, CISM, CRISC, CCSP, CompTIA certs.

Mostly conference talks and podcasts.


Incident Response in Cases of Supply Chain Incidents - Lucas Ferreira

In today’s interconnected world, companies rely on a complex network of third-party vendors and service providers to deliver their products and services. This includes the use of Software as a Service (SaaS) applications and open-source libraries, which can provide significant benefits in terms of cost savings and scalability. However, this also introduces new risks, as attackers can target these third-party providers to gain access to a company’s systems and data. In this presentation, we will explore the topic of incident response in cases of supply chain incidents. We will discuss what supply chain attacks are and how they can occur through the compromise of SaaS applications and vulnerabilities in open-source libraries. We will also examine real-world examples of supply chain attacks seen by Cloudflare, including the January 2022 Okta compromise, a bug in interpreting IPv4-mapped IPv6 addresses, and the Log4Shell vulnerability. We will focus on how Cloudflare responded to these incidents and show lessons learned. We will also discuss how these incidents affect a company’s incident response team. Supply chain incidents can be particularly challenging for incident response teams because they often involve third-party vendors and service providers that may be outside of the company’s direct control.

ABOUT THE SPEAKER: Lucas is a highly experienced Information Security professional with a diverse professional and academic background. With over 25 years in the field, he has a wealth of experience working in various sectors, including big corporations, startups, government, and international organizations. Throughout his career, Lucas has worked across various Information Security domains, including risk assessment, network security, web and application security, cloud security, incident response, and IT and security operations. In addition to his practical expertise, Lucas has a solid academic foundation in information security and cryptography. He holds an M.Sc. degree and has completed all the requirements for a Ph.D. (unfinished) in cryptographic protocols. He has also published several papers in the field. Lucas is a long-standing contributor and supporter of OWASP. He served as a Project Leader, Chapter Leader on two continents, and Committee Member. Lucas led the team responsible for organizing three highly successful OWASP Global AppSec Conferences in Brazil.
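The abstract lists "a bug in interpreting IPv4-mapped IPv6 addresses" among the incidents discussed, without saying what the bug was. The example below is added here to illustrate the general class of problem, not Cloudflare's actual bug or any code from the talk: an IP-based control that compares a raw parsed address against IPv4 ranges will silently miss the same host when it arrives as an IPv4-mapped IPv6 address (`::ffff:a.b.c.d`), because Python's `ipaddress` module never considers an IPv6 address a member of an IPv4 network. The fix shown, canonicalizing mapped addresses back to IPv4 before any policy check, is a standard hardening step. The blocklist range and the sample addresses are constructed for the example.

```python
import ipaddress

# Constructed sample policy: a documentation-range /24 that should be denied.
BLOCKLIST = (ipaddress.ip_network("203.0.113.0/24"),)


def canonicalize(addr_str):
    """Parse an address string and unwrap IPv4-mapped IPv6 to plain IPv4.

    Returns an IPv4Address or IPv6Address; raises ValueError on bad input,
    which callers should treat as a policy failure rather than a pass.
    """
    addr = ipaddress.ip_address(addr_str.strip())
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        return addr.ipv4_mapped  # ::ffff:203.0.113.5 -> 203.0.113.5
    return addr


def is_blocked_naive(addr_str):
    """The weak check: compares the raw parsed address against IPv4 networks.

    IPv4Network.__contains__ returns False whenever the address version differs,
    so an IPv4-mapped IPv6 form of a blocked host is never matched.
    """
    addr = ipaddress.ip_address(addr_str.strip())
    return any(addr in net for net in BLOCKLIST)


def is_blocked_canonical(addr_str):
    """The hardened check: canonicalize first, then compare, and fail closed."""
    try:
        addr = canonicalize(addr_str)
    except ValueError:
        return True  # unparseable input: deny rather than let it through
    return any(addr in net for net in BLOCKLIST)


if __name__ == "__main__":
    # Constructed inputs: the same blocked host in three textual forms,
    # plus an unrelated IPv6 address that should pass.
    for sample in ("203.0.113.5", "::ffff:203.0.113.5", "::ffff:cb00:7105", "2001:db8::1"):
        print(f"{sample:>22}  naive={is_blocked_naive(sample)!s:5}  "
              f"canonical={is_blocked_canonical(sample)}")
```

The hex form `::ffff:cb00:7105` is the same mapped address written without dotted-quad notation; it is worth including in any test suite for such a check, since log parsers and proxies emit both spellings.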
