What happens when you incorrectly manage your private package registry, your developers misconfigure their local npm proxy, and malicious actors are free to abuse an open-source ecosystem? It’s called dependency confusion, and it’s an attack that enabled security researchers to infiltrate big-name corporations. You don’t want to be the next victim in the headlines, right? Let me take you on a step-by-step deep dive into how this attack manifests and how you can defend against it.
Browse SnykCon 2021 talks
Director of Developer Relations, Snyk