Explore essential strategies for securing the software supply chain in this 18-minute conference talk by John Amaral of Slim.AI. Learn about the critical importance of supply chain security in light of recent high-profile breaches like Solarwinds, CodeCov, and Log4j. Discover the "three S's" approach to enhancing security: Software Bill of Materials (SBOM), Signing, and Slimming. Understand how to identify and inventory your software components, verify packages through immutable identity, and minimize attack surfaces by slimming down your codebase. Gain practical insights on implementing these methods as first-line security controls to protect your production operations from potential zero-day exploits and vulnerabilities in third-party and open-source packages.
A Different Kind of S3 - First Line Security of the Supply Chain
Overview
Syllabus
A Different Kind of S3: First Line Security of the Supply Chain - John Amaral, Slim.AI
Taught by
Linux Foundation
Tags
Related Courses
-
A Different Kind of S3 - First Line Security of the Supply Chain
-
Securing Your .NET Application Software Supply Chain
-
Supercharge Your Software Supply Chain Security Strategy with Multi-SBOM Integration
-
Beyond the Code - SBOM and Supply Chain Security
-
Using CNCF Best Practices to Enhance Software Supply Chain Security
-
From SBOM to Trusted Software Supply Chain - How Far Are We?
