[INPERSON] Do you trust your NuGet packages?
Details
This event is for people who join the event in person at TechTalk.
If you join the event remotely, please RSVP here: https://www.meetup.com/dotnet-austria/events/311363578
This meetup is organized by DotNetDevs.at (https://dotnetdevs.at/).
Abstract
For over 14 years, modern .NET development has heavily relied on NuGet packages. But with this convenience comes risk. While supply chain attacks via packages are less frequent in the .NET ecosystem than in the JavaScript world, it is only a matter of time before we face a serious incident.
NuGet and .NET offer features that improve developer productivity — but in the wrong combinations, other features can be abused to execute malicious code during something as simple as a package restore. Understanding these inner workings is key to protecting your applications.
In this talk, you’ll learn how to critically evaluate NuGet packages, identify potential risks, and decide whether they deserve your trust.
Andreas "SabotageAndi" Willich, Team Lead & Senior Software Developer at TechTalk and Chairman of DotNetDevs.at, will share practical insights to help your team safeguard its development loop. After this talk, you will never look at NuGet packages the same way again.
Location, Food & Drinks are sponsored by TechTalk.
Timetable:
- 18:00: Doors open at TechTalk
- 18:30: Intro
- 18:35: Talk starts
- 19:30: Food & Drinks
- 21:00: End
Recordings will be available afterward at https://go.dotnetdevs.at/recordings
DotNetDevs.at is sponsored by
- RUBICON IT GmbH (https://www.rubicon.eu/rubicon/)
- JetBrains (https://jetbrains.com)