Learn essential software supply chain security concepts and best practices in this 35-minute conference talk from the Eclipse Foundation. Explore recent security incidents highlighting the critical importance of secure software development and distribution. Master key concepts including software bill of materials (SBOM) creation, automated builds, and provenance attestations. Examine recommendations from open source foundations and government agencies regarding supply chain security. Discover how tools like Dependabot help maintain software security post-publication and understand developer responsibilities in preventing supply chain vulnerabilities. Gain practical knowledge of Java-specific tools and processes for producing secure software, with actionable steps to implement or upgrade security measures in Java projects following industry best practices.
Overview
Syllabus
A Java Developer’s Guide to Supply Chain Security - OCX 2024
Taught by
Eclipse Foundation
Related Courses
-
Developer Security Champion: Supply Chain Security
-
DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
-
Enterprise Security Leadership: Understanding Supply Chain Security
-
Supply Chain Risk Management with OWASP Dependency-Check
-
Hyades - Dependency Track for Enterprise Supply Chain Security with SBOM
-
Supply Chain Security - The First Steps
