Securing Your Software Delivery Chain with Process Auditing

Tuesday, March 15, 2022 - 9:00 am9:45 am

Shaun Mouton, Mastercard


Tasked with "securing the supply chain" for your employer due to a high profile CVE or breach? Overwhelmed by vendor pitches and trying to find some data to start tackling the problem? Curious about what's happening when an application is executing for some other reason? Want to know what you can discover about un-instrumented applications?

Let's go over how you can use strace and eBPF to discover what applications are doing. Then, we'll cover how to improve your security posture with that knowledge.

Shaun Mouton, Mastercard

Shaun Mouton has been using computers for well over 30 years and is beginning to wonder why nobody has made him stop. He is a Principal engineer at Mastercard on an enterprise automation frameworks team and pays the bills for some silly websites.

SREcon22 Americas Open Access Sponsored by Blameless

@conference {278120,
author = {Shaun Mouton},
title = {Securing Your Software Delivery Chain with Process Auditing},
year = {2022},
address = {San Francisco, CA},
publisher = {USENIX Association},
month = mar

Presentation Video