A Different Kind of S3 - First Line Security of the Supply Chain
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore essential strategies for securing the software supply chain in this 18-minute conference talk by John Amaral of Slim.AI. Learn about the critical importance of supply chain security in light of recent high-profile breaches like Solarwinds, CodeCov, and Log4j. Discover the "three S's" approach to enhancing security: Software Bill of Materials (SBOM), Signing, and Slimming. Understand how to identify and inventory your software components, verify packages through immutable identity, and minimize attack surfaces by slimming down your codebase. Gain practical insights on implementing these methods as first-line security controls to protect your production operations from potential zero-day exploits and vulnerabilities in third-party and open-source packages.
Syllabus
A Different Kind of S3: First Line Security of the Supply Chain - John Amaral, Slim.AI
Taught by
Linux Foundation
Tags
Related Courses
Target Rich Cyber PoorBSidesLV via YouTube The A's, B's, and Four C's of Testing Cloud-Native Applications
LASCON via YouTube SBOM Challenges and How to Fix Them
BSidesLV via YouTube The Case for Software Bill of Materials
BSidesLV via YouTube Collaborating to Improve Open Source Security - How the Ecosystem Is Stepping Up
RSA Conference via YouTube