Securing the Software Supply Chain: From Threats to Best Practices
Offered By: Linux Foundation via YouTube
Course Description
Overview
Explore the critical aspects of securing the software supply chain in this comprehensive 59-minute fireside chat sponsored by Cloudsmith. Gain insights from industry experts as they delve into the history of supply chain security threats, security development, and deployment strategies. Learn about various types of attacks, including availability issues, dependency vulnerabilities, and development tool exploits. Discover ongoing open-source projects and initiatives addressing software supply chain security needs. Understand the challenges and considerations in tackling this complex problem. Explore Cloudsmith and ChainGuard's contributions to simplifying these issues and learn actionable steps for individuals and organizations to enhance software supply chain security. Dive into topics such as Software Bill of Materials, Executive Order 14028, provenance, open-source security, and best practices for building trust and implementing security by default.
Syllabus
Intro
Agenda
Introductions
About Cloudsmith
About Chain Guard
SolarWinds Attack
What is Software Supply Chain
Software Build Materials
Executive Order 14028
Provenance
Open Source
Trust
Security by default
Security attacks
Lets Encrypt
Cosine
Open source momentum
Shared ecosystem of providence
Meeting users where they are
Conclusion
The Challenge
Cosine and Salsa
Best Practices
Taught by
Linux Foundation
Tags
Related Courses
DevOps CI/CD Pipeline: Automation from development to deploymentUniversidad Anáhuac via edX DevOps Pipeline: Automatización hasta el despliegue
Universidad Anáhuac via edX Exploring the Benefits of Continuous Security and Compliance for Cloud Infrastructure
Pluralsight Integrating Incident Response into DevSecOps
Pluralsight DevSecOps: Building a Secure Continuous Delivery Pipeline
LinkedIn Learning