The Magnetic Pull of Mutable Protection: Worked Examples in Cryptographic Agility

Sdílet
Vložit
  • čas přidán 4. 04. 2024
  • ...How do you go about fully understanding what cryptography you have, how it is used and if it's good or bad? This was the question we started to ask ourselves and set about trying to answer using static analysis tools such as GitHub's CodeQL.
    Given how we all rely heavily on open-source projects, we set about scanning the top 1000 GitHub open-source projects to identify insecure cryptographic algorithms. We used GitHub's CodeQL multi-repository variant analysis to build a cryptographic bill of materials (CBOM) for each project. The CBOM will list all of the cryptographic algorithms that are used in the project, as well as their security status, and more importantly, help us identify all of the places where insecure cryptographic algorithms are used in the projects....
    By: Mark Carney , Daniel Cuthbert , Niroshan Rajadurai , Benjamin Rodes
    Full Abstract and Presentation Materials:
    www.blackhat.com/eu-23/briefi...

Komentáře •

Další v pořadí
Automatické přehrávání
Off The Record - Weaponizing DHCP DNS Dynamic Updates39:50Off The Record - Weaponizing DHCP DNS Dynamic Updates
Off The Record - Weaponizing DHCP DNS Dynamic UpdatesBlack Hat
zhlédnutí 1,6K
Something Rotten in the State of Data Centers40:27Something Rotten in the State of Data Centers
Something Rotten in the State of Data CentersBlack Hat
zhlédnutí 8K
Keynote: Industrialising Cyber Defence in an Asymmetric World41:02Keynote: Industrialising Cyber Defence in an Asymmetric World
Keynote: Industrialising Cyber Defence in an Asymmetric WorldBlack Hat
zhlédnutí 1,1K
Smažené nudle 🍺01:00Smažené nudle 🍺
Smažené nudle 🍺Ostravsky Gastrošef (Heřman Gazda)
zhlédnutí 87K
I’ll be right back promised , I have to do a wheel check#learnfromkhaby #comedy00:20I’ll be right back promised , I have to do a wheel check#learnfromkhaby #comedy
I’ll be right back promised , I have to do a wheel check#learnfromkhaby #comedyKhaby. Lame
zhlédnutí 21M
100% VS 10% 🤣 #shorts00:24100% VS 10% 🤣 #shorts
100% VS 10% 🤣 #shortsJoe Albanese
zhlédnutí 13M
Život se mění ❗️😮‍💨 #komedie #sranda #ekv #shorts00:18Život se mění ❗️😮‍💨 #komedie #sranda #ekv #shorts
Život se mění ❗️😮‍💨 #komedie #sranda #ekv #shortsEmperKingVision
zhlédnutí 397K
The Black Hat Europe Network Operations Center (NOC) Report38:03The Black Hat Europe Network Operations Center (NOC) Report
The Black Hat Europe Network Operations Center (NOC) ReportBlack Hat
zhlédnutí 964
Learn HTML5 and CSS3 For Beginners - Crash Course3:54:03Learn HTML5 and CSS3 For Beginners - Crash Course
Learn HTML5 and CSS3 For Beginners - Crash Coursedevelopedbyed
zhlédnutí 2,9M
💡 There is a SMARTER way to split your documents for GenAI apps12:07💡 There is a SMARTER way to split your documents for GenAI apps
💡 There is a SMARTER way to split your documents for GenAI appsBitswired
zhlédnutí 774
Sleep Instantly in Under 5 MINUTES • Eliminate Subconscious Negativity • Healing Sleep Music ☆033:54:11Sleep Instantly in Under 5 MINUTES • Eliminate Subconscious Negativity • Healing Sleep Music ☆03
Sleep Instantly in Under 5 MINUTES • Eliminate Subconscious Negativity • Healing Sleep Music ☆03Soft Calm Music
zhlédnutí 9M
Black Hat Asia 2024 Highlights2:47Black Hat Asia 2024 Highlights
Black Hat Asia 2024 HighlightsBlack Hat
zhlédnutí 671
New Techniques for Split-Second DNS Rebinding31:20New Techniques for Split-Second DNS Rebinding
New Techniques for Split-Second DNS RebindingBlack Hat
zhlédnutí 1,3K
The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools35:22The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools
The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread PoolsBlack Hat
zhlédnutí 1,7K
Inner Balance | 432Hz + 111Hz Healing Calm & Inner Peace | Release All Blockages Meditation & Sleep3:33:33Inner Balance | 432Hz + 111Hz Healing Calm & Inner Peace | Release All Blockages Meditation & Sleep
Inner Balance | 432Hz + 111Hz Healing Calm & Inner Peace | Release All Blockages Meditation & SleepInner Lotus Music
zhlédnutí 14M
Locknote: Conclusions and Key Takeaways from Day 247:58Locknote: Conclusions and Key Takeaways from Day 2
Locknote: Conclusions and Key Takeaways from Day 2Black Hat
zhlédnutí 844
Useful Woodworking tips and skills. Easy way to get the perfect angle #shorts #tips #skills00:17Useful Woodworking tips and skills. Easy way to get the perfect angle #shorts #tips #skills
Useful Woodworking tips and skills. Easy way to get the perfect angle #shorts #tips #skillsTips Workshop
zhlédnutí 59M
RONALDO a MESSI by Opravdu Mohli Hrát SPOLU!00:19RONALDO a MESSI by Opravdu Mohli Hrát SPOLU!
RONALDO a MESSI by Opravdu Mohli Hrát SPOLU!Horis PLUS
zhlédnutí 85K
Nemo - The Code (LIVE) | Switzerland🇨🇭| Grand Final | Eurovision 202403:28Nemo - The Code (LIVE) | Switzerland🇨🇭| Grand Final | Eurovision 2024
Nemo - The Code (LIVE) | Switzerland🇨🇭| Grand Final | Eurovision 2024Eurovision Song Contest
zhlédnutí 17M
Test Věrnosti s Přítelkyní!00:15Test Věrnosti s Přítelkyní!
Test Věrnosti s Přítelkyní!Vítek
zhlédnutí 307K
where is the ball to play this?😳⚽00:13where is the ball to play this?😳⚽
where is the ball to play this?😳⚽LOL
zhlédnutí 10M
BEST SPICY NOODLE EVER01:00BEST SPICY NOODLE EVER
BEST SPICY NOODLE EVERUncle Roger Shorts
zhlédnutí 12M
Will the Tesla Cybertruck trunk crush your finger?00:41Will the Tesla Cybertruck trunk crush your finger?
Will the Tesla Cybertruck trunk crush your finger?Eyewitness News ABC7NY
zhlédnutí 12M
CO SE NA TOM CLASHKU DĚLO?!?!42:17CO SE NA TOM CLASHKU DĚLO?!?!
CO SE NA TOM CLASHKU DĚLO?!?!Vidrail
zhlédnutí 179K