Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Analyzing Google's SLSA Framework for Securing Software Supply Chains

OWASP Foundation via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore Google's "Supply Chain Levels for Software Artifacts" (SLSA) framework in this 20-minute OWASP Foundation conference talk. Delve into the growing threat of software supply chain attacks and learn how SLSA aims to address this critical AppSec need. Examine the framework's approach, key areas of focus, and controls for attaining each level. Gain insights into additional aspects of software supply chain security not covered by SLSA. Understand the collapse of the SDLC into SCM and the implications for security. Analyze the framework's components, including Source, Build, Provenance, and Common elements, while identifying areas that fall outside the scope of SLSA.

Syllabus

Intro
2021 is the Year of the Software Supply Chain Attack
The SDLC has collapsed into SCMS
Google's SLSA Levels
Google's SLSA framework - Source
Source - Out of Scope
Google's SLSA framework - Build
Google's SLSA framework - Provenance con
Build & Provenance - Out of Scope
Google's SLSA framework - Common
Common - Out of Scope

Taught by

OWASP Foundation

Reviews

Start your review of Analyzing Google's SLSA Framework for Securing Software Supply Chains

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.