Securing Software Supply Chains Using the SLSA Framework
Offered By: DevSecCon via YouTube
Course Description
Overview
Explore software supply chain security through the SLSA (Supply-chain Levels for Architects) framework in this 20-minute DevSecCon talk. Learn practical, vendor-neutral strategies to enhance the resilience of your software supply chain, addressing critical issues like Log4j and SolarWinds incidents. Dive into key SLSA areas, including code security, build process protection, provenance, and secure deployment, to create a more robust software development lifecycle. Gain insights into typical security practices and gradual improvement plans for each major area. Benefit from speaker Kaif Ahsan's expertise as a Product Security Engineer at Atlassian, combining his background in software development and cybersecurity. Ideal for professionals in defensive cybersecurity roles and those aiming to deliver more secure software and services.
Syllabus
Securing our Software Supply Chains using the SLSA Framework - Kaif Ahsan
Taught by
DevSecCon
Related Courses
Security Is an Ecosystem - We Can't Be Secure in IsolationLinux Foundation via YouTube Improving the Security of a Large Open Source Project One Step at a Time
Linux Foundation via YouTube Simplifying Coordinating Vulnerabilities and Disclosures in Open Source Projects
Linux Foundation via YouTube SLSA in Action: Securing the Software Supply Chain
Linux Foundation via YouTube Implementing OpenSSF Best Practices Badges and Scorecards for Project Security
Linux Foundation via YouTube