Mark your calendars and come join your colleagues in the CAE community for the CAE Lecture Series. CAE Lecture Series are free and conducted live in real-time over MS Teams, so no travel is required. NSA’s CAE PMO office hosts the presentations via MS Teams, which employs slides, VOIP, and chat for live interaction. Download the lecture series flyer.
Software Supply Chain Security
Date: September 20, 2024
Time: 2:00 p.m. EST
Presenter: Aditya Sirish, New York University
Abstract: The software supply chain encompasses the systems, infrastructure, and people which produce a software artifact. In recent years, the software supply chain has increasingly become a target for attackers. For example, in 2020, it was discovered that the Orion software produced by SolarWinds and used by numerous US government agencies was backdoored by attackers who had compromised the company’s software build infrastructure. Since then, software supply chain security has seen increased focus from academia, industry, and open source communities alike. This talk will present an overview of the software supply chain and the threats it faces, backed by previously seen attacks. Following that, the talk will discuss community efforts at organizations like the Linux Foundation and OWASP as well as work being done in academia to improve visibility and better secure software development processes. Finally, the talk will present related open source projects like in-toto, the Update Framework, Sigstore, gittuf, and GUAC.
The Software Reverse Engineering Skillset
Date: September 20, 2024
Time: 3:00 p.m. EST
Presenter: Damon S. NSA, Technical Director for Computer Network Operations
Abstract: Seasoned software reverse engineers at the National Security Agency draw from a wide and esoteric set of skills to support NSA’s cybersecurity and foreign intelligence missions. Bringing new reverse engineers up to speed can take months or years. This talk considers the skills and competencies an aspiring reverse engineer might focus on to improve their readiness for a career in cybersecurity and the intelligence community.
How to Join
Location: MS Teams Meeting
Meeting ID: 285 904 682 213
Passcode: PoPUNJ
Dial by phone: +1 872-239-6004
Phone Conference ID: 107 950 166#
NOTE: This Lecture Series cannot be recorded. Students and faculty are encouraged to attend live.