Levi Lloyd - Lawrence Livermore National Laboratory
Students: Spring 2024, unless noted otherwise, sessions will be virtual on Zoom.
Securing the Software Supply Chain
Feb 10, 2021
Download: MP4 Video Size: 248.3MBWatch on YouTube
Abstract
In December 2020, FireEye discovered a supply chain attack against the SolarWinds Orion network management system. The impact of this event has caused the cybersecurity community to reevaluate how we think about threats coming from the software supply chain. At Lawrence Livermore National Laboratory we have been developing software assurance tools for many years to automate the analysis of software to enable asset owners and operators to make sound decisions about the software in their environments. In this presentation, I will describe this effort, talk about some of our tools, and discuss ways to mitigate future supply chain attacks.About the Speaker
Levi Lloyd is a cybersecurity researcher at Lawrence Livermore National Laboratory where he works in the Cyber and Infrastructure Resilience program. His interests include software assurance, binary analysis and reverse engineering, malware analysis, and network traffic analysis and defense. He has been involved in the creation of several frameworks aimed at doing cybersecurity analyses at scale.