Secure Software Supply Chain: Current State in PHP and Drupal Ecosystem
Offered By: Drupal Association via YouTube
Course Description
Overview
Explore the secure software supply chain and its current state within the PHP and Drupal ecosystem in this 37-minute DrupalCon Lille 2023 conference talk. Delve into major global events like SolarWinds, log4shell, codecov, and packagist, and learn about potential threats and mitigation strategies. Discover how to implement tools such as Sigstore, Syft, and Grype for digital signatures, SBOM generation, and automatic vulnerability scanning in real-world projects. Gain valuable insights into creating a secure supply chain pipeline for Drupal projects through a practical demonstration of these tools in action.
Syllabus
What is the secure software supply chain and the current state of the PHP and Drupal ecosystem
Taught by
Drupal Association
Related Courses
Securing Your Software Supply Chain with SigstoreLinux Foundation via edX Hands-on Introduction to Sigstore - Securing the Software Supply Chain
Rawkode Academy via YouTube Protecting the World's Greatest Open Source Ecosystem with Sigstore
Devoxx via YouTube PGP vs Sigstore - The Match at Maven Central
Devoxx via YouTube Securing Your Infrastructure as Code Pipeline
Linux Foundation via YouTube