YoVDO

Eliminating the Unknowns: Using GUAC to Better Understand Your Software Supply Chain

Offered By: Linux Foundation via YouTube

Tags

Software Supply Chain Security Courses Knowledge Graphs Courses SPDX Courses GUAC Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore how GUAC, an open-source software supply chain knowledge graph, can aggregate metadata from various document formats and public databases to illuminate your software supply chain. Learn to utilize GUAC as a data source for policy engines in admission control decisions and as a tool for security practitioners to audit organizational software supply chains. Discover the importance of analyzing supply chain metadata beyond compliance, focusing on risk reduction through better understanding of upstream dependencies in software and systems. Gain insights into managing diverse supply chain metadata formats, including CycloneDX and SPDX SBOMs, in-toto based SLSA attestations signed by Sigstore, and OSV information, to make informed decisions on the safety and security of your software development lifecycle.

Syllabus

Eliminating the Unknowns: Using GUAC to Better Understand Your Software Supply... Michael Lieberman


Taught by

Linux Foundation

Tags

Related Courses

From Graph to Knowledge Graph – Algorithms and Applications
Microsoft via edX
Knowledge Graphs
openHPI
Advanced SEO: Search Factors
LinkedIn Learning
Building Knowledge Graphs with Python
Pluralsight
Data Science Foundations: Knowledge Graphs
LinkedIn Learning