Completed
Intro
Class Central Classrooms beta
YouTube videos curated by Class Central.
Classroom Contents
Threat Modeling the CI/CD Pipeline to Improve Software Supply Chain Security
Automatically move to the next video in the Classroom when playback concludes
- 1 Intro
- 2 Notable Incidents
- 3 Fundamental Disconnect . We have developed tremendous tooling and automation that allows us to create secure, reliable software at a scale not previously considered
- 4 Threat Modeling Overview
- 5 Confidentiality Impact
- 6 Availability Impact
- 7 Supporting Infrastructure
- 8 The Perimeter is the Problem
- 9 Example CI/CD Pipeline Dataflow
- 10 Follow a Code Change
- 11 General/Overarching Concerns
- 12 Source Repository and Workflow Engine
- 13 Open Source Component Management
- 14 Open Source Backdoor Concerns
- 15 Build Management
- 16 Security Testing and Backdoors
- 17 Software Packaging and Distribution
- 18 Software Packaging - Monolithic applications vs. Microservice applications
- 19 Software Distribution
- 20 Using the Threat Model
- 21 Vendor Management
- 22 Potential Argument Discussion Points
- 23 Questions