BEGIN:VCALENDAR
VERSION:2.0
PRODID:Data::ICal 0.24
BEGIN:VEVENT
DESCRIPTION:   'Title: Activity: Hacking Developers’ Trust – Faking Git
 Hub\n   Contribution by Checkmarx\n   When: Friday\, Aug 9\, 15:00 - 16:59
  PDT\n   Where: LVCC West/Floor 2/W228-W230/W228-W230-ASV Pod 3 - [1]Map\n
 \n   Description:\n\n   Join us for a revealing exploration of open-source
  trust and its\n   vulnerabilities. In this captivating activity\, we will
  delve into the\n   fascinating world of developer credibility and the uns
 ettling\n   phenomenon of faking GitHub contributions. With open source be
 coming\n   an integral part of software development\, we find ourselves re
 lying on\n   strangers to provide us with code. Trust is often based on fa
 ctors\n   like the number of stars on a package or the credibility of the\
 n   package’s maintainer on GitHub. However\, what if I told you that al
 l\n   of this could be convincingly spoofed?\n\n   Speakers:Tal Folkman\,O
 ri Ron\,Mário Leitão-Teixeira\n\n   SpeakerBio:  Tal Folkman\n\n   Tal b
 rings over 7 years of experience to her role as a supply chain\n   securit
 y research team lead within Checkmarx Supply Chain Security\n   group. She
  is in charge of detecting tracking and stopping Opensource\n   attacks.\n
 \n   SpeakerBio:  Ori Ron\n\n   Ori Ron\, an experienced Application Secur
 ity Researcher at Checkmarx\,\n   joined the company in 2016. With over ei
 ght years of expertise in the\n   field\, Ori specializes in identifying a
 nd mitigating security\n   vulnerabilities in software systems. His resear
 ch spans the\n   application security aspects of many programming language
 s\,\n   technologies\, and environments.\n\n   SpeakerBio:  Mário Leitão
 -Teixeira\n\n   "Vulnerability" is part of my daily vocabulary at Checkmar
 x\, and I\n   never get sick of it. I dub myself a 'self-certified idiot' 
 because I\n   love learning and hatching ideas. So much\, that I've made\n
    brainstorming a hobby and kickstarted a team initiative to keep us on\n
    the pulse of InfoSec. As a result\, we have learned about CVSSv4 before
 \n   it was cool.\n\n   Well\, CVSSv4 isn't cool yet since it's yet to be 
 fully adopted\, but in\n   the meantime\, I've researched and come up with
  this talk. I wasn't\n   given the opportunity to win a 'Best Speaker' awa
 rd yet. However\, I\n   published a few blog posts for Checkmarx and am br
 ewing many other\n   initiatives. I'm also currently studying to pass the 
 CEH\n   certification. Contributing to the AppSec Village at RSAC in San\n
    Francisco last year. Check.\n\n   Beyond the keyboard\, you catch me re
 ading\, writing\, or practicing\n   martial arts. As in cybersecurity\, I 
 seek constant learning.\n\n   '\n\n   1. #LVCCW_Level2_North\n\n\n
DTEND:20240809T235900Z
DTSTART:20240809T220000Z
LOCATION:APV - LVCC West/Floor 2/W228-W230/W228-W230-ASV Pod 3
SUMMARY:Activity: Hacking Developers’ Trust – Faking GitHub Contributio
 n by Checkmarx
END:VEVENT
END:VCALENDAR