Use the featured image to change the subpage hero.
Malicious packages analysis – how to identify and avoid malicious software packages
08 Mar 2023
DevOps Live Theatre
The talk will be a technical showcase of the different types of malicious packages that are prevalent today in popular package repositories. Many examples shown in the presentation will be based on real data and malicious packages that were identified and disclosed by JFrog. We will dive into the types of attacks and payloads contained in these malicious packages and explain how these packages can be identified and rejected, using a recommended secure development workflow and relevant OSS tools.