Sponsored by:
Ori Ron
Tal Folkman
Join us for a revealing exploration of open-source trust and its vulnerabilities. In this captivating activity, we will delve into the fascinating world of developer credibility and the unsettling phenomenon of faking GitHub contributions. With open source becoming an integral part of software development, we find ourselves relying on strangers to provide us with code. Trust is often based on factors like the number of stars on a package or the credibility of the package’s maintainer on GitHub. However, what if I told you that all of this could be convincingly spoofed?
Ori Ron
AppSec Researcher, Checkmarx
Ori Ron, an experienced Application Security Researcher at Checkmarx, joined the company in 2016. With over eight years of expertise in the field, Ori specializes in identifying and mitigating security vulnerabilities in software systems. His research spans the application security aspects of many programming languages, technologies, and environments.
Tal Folkman
Security Research Team Lead, Checkmarx
Tal brings over 7 years of experience to her role as a supply chain security research team lead within Checkmarx Supply Chain Security group. She is in charge of detecting tracking and stopping Opensource attacks.