Top 5 Reasons and 5 Myths Debunked to Invest in Securing the Software Supply Chain
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the critical importance of securing the software supply chain in this 22-minute conference talk by Hector Linares from Microsoft. Discover the top 5 reasons to invest in supply chain security and debunk 5 common myths surrounding the topic. Learn about the Supply Chain Integrity Model (SCIM) and its role in managing security, quality, and integrity across end-to-end supply chains. Gain insights into maximizing ROI in software supply chain security and creating a trusted platform for the Software Development Lifecycle (SDLC). Understand the implications of recent vulnerabilities like Log4j and the NOBELIUM attack, as well as the requirements of Executive Order 14028 and the NIST Secure Software Development Framework (SSDF).
Syllabus
Intro
Supply Chain - in context
SBOM - peeling the onion
Myth: SBOM - Create one and you are done
SCITT Overview
SCITT Architecture
Myth: I can use willpower alone to push through the difficult days
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Hardening Your Soft Software Supply Chain (Pluralsight)
DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub (Pluralsight)
Securing Your Software Supply Chain with Sigstore (Linux Foundation via edX)
GitHub Supply Chain Security Using GitGat (Linux Foundation via edX)
Kyverno - Deep Dive - Tech Talks (Mirantis via YouTube)