The Enemy Within: Modern Supply Chain Attacks

Black Hat USA 2019

Presented by: Eric Doerr
Date: Thursday August 08, 2019
Time: 09:45 - 10:35
Location: Islander EI

I'm in your supply chain, and you're probably in mine. Our increasingly interconnected infrastructure leaves us all vulnerable. With hundreds of millions of devices and millions of enterprises betting on the cloud, we see sophisticated attacks every day. Hardware, software, and service-based attacks, good and bad engagements with suppliers and partners – we've seen it all.

Go behind the scenes and learn about previously undisclosed supply chain attacks – from the techniques and objectives of adversaries, the mechanisms that were effective in blunting their attacks, and the sometimes-comical challenges dealing with our most complex asset to defend… developers.

It's a statistical certainty, everyone will eventually be a victim of a supply chain compromise. Whether you're in SecOps or App Development, you'll leave this presentation with practical guidance on how to defend against supply chain attacks and harden your systems. Prevention is important, but how you respond when you get owned is the true test of character. Are you up to the challenge?

Eric Doerr

Eric Doerr currently leads the security response team at Microsoft - the front line defense for millions of customers around the world who use Microsoft platforms and products. If you are hosted on Azure, use Windows, Office and more - Doerr's team is there to protect you.


KhanFu - Mobile schedules for INFOSEC conferences.
Mobile interface | Alternate Formats