Daniel Cuthbert, Global Head of Cyber Security Research for Santander Group
Over the past 18 months, Daniel and his team have tackled a pressing question: What cryptography do you have, and is it post-quantum secure? What started as a simple inquiry quickly turned into a deep dive into the cryptographic practices in the global software supply chain.
Teaming up with experts from Santander UK, Microsoft, GitHub, and others, they scanned thousands of repositories using variant analysis to uncover how cryptography is utilized in software dependencies worldwide.
In this presentation, Daniel will share the wild ride of their research journey, the methodologies they employed, and some eye-opening findings. Plus, Daniel will unveil the tools, queries, and CBOMs created along the way. This collaborative effort aims to boost supply chain security. It’s a call to arms for organizations to take action as we prepare for a post-quantum world.