YoVDO

Securing the Software Supply Chain - Beyond SBOM Risk Assessment

Offered By: Conf42 via YouTube

Tags

Software Supply Chain Security Courses Risk Management Courses DevSecOps Courses Code Quality Courses Vulnerability Assessment Courses Software Composition Analysis Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore a comprehensive conference talk on securing the software supply chain, delivered at Conf42 DevSecOps 2023. Dive into the fundamentals of software composition analysis and risk management, examining contributor profiles, project dynamics, code quality, and vulnerability assessments. Learn how to integrate security measures into deployment pipelines, implement DevSecOps practices, and streamline security assessments. Gain insights on initiating and maintaining a robust security strategy for your software development process, including the introduction of new web service platforms and tools like SourceMotion.

Syllabus

intro
preamble
agenda
marek and aleksander
risk model
fundamentals
whys and whats of software composition analysis
risks - what if we don't?
software composition analysis - risk management scarm
contributor profile
project activity = project dynamics
code quality
vulnerabilities cve dynamics
how to plug it into the software deployment pipeline?
production pipeline
devsecops by linux polska
how to make it happen? just start...
new web service platform...
streamline your security assessments
sourcemotion
thank you, contact us!


Taught by

Conf42

Related Courses

Inspecting Open Source Software Packages for Security and License Compliance
Pluralsight DevSecOps Fundamentals
Cybrary Effective Vulnerability Discovery with Machine Learning
Black Hat via YouTube The Devils in the Dependency - Data Driven Software Composition Analysis
Black Hat via YouTube Protect Yourself Against Supply Chain Attacks
NDC Conferences via YouTube