Securing Python Projects Supply Chain

Securing Python Projects Supply Chain

DevConf via YouTube Direct link

Intro

1 of 17

1 of 17

Intro

Class Central Classrooms beta

YouTube videos curated by Class Central.

Classroom Contents

Securing Python Projects Supply Chain

Automatically move to the next video in the Classroom when playback concludes

  1. 1 Intro
  2. 2 The real cost of a vulnerable supply chain
  3. 3 SolarWinds attack
  4. 4 Secure supply chain frameworks
  5. 5 Software signing
  6. 6 Vulnerability databases
  7. 7 Vulnerabilities and PyPI
  8. 8 PyPI and malicious packages
  9. 9 SBOMS and VEX
  10. 10 Python container images
  11. 11 Scanning for vulnerabilities in source code
  12. 12 Python community initiatives
  13. 13 PEP 458 & PEP 480
  14. 14 PEP 708: Extending the Repository API to Mitigate Dependency Confusion Attacks
  15. 15 PEP 710: Recording the provenance of installed packages
  16. 16 SLSA Supply-chain Levels for Software Artifacts
  17. 17 Graph for Understanding Artifact Composition

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.