Navigating a Mined World: Repositories, Registries and Artifact Storages
As binary and package managers continue to gain popularity, trustworthy, secure code repositories are becoming increasingly important. With the ever-growing threat of cyber attacks, malicious packages in these repositories are a significant concern. This security research-backed presentation aims to show the current state of binary and package manager repositories, including an overview of the most commonly used ones. We will examine the risk level associated with using these repositories, including the risks around user authentication, malicious packages, and software supply chain attacks. We will also explore how these vulnerabilities can be mitigated, for example by implementing secure coding practices, proper authentication and authorization strategies, and standard security protocols. By the end, you will have a better understanding of why securing code repositories matters and how you can prevent the known vulnerabilities that target your supply chain.