Explore emerging best practices in software supply chain security in this 14-minute conference talk from Security BSides San Francisco. Delve into the guidelines released by the White House, OWASP, Google, and other organizations in response to attackers exploiting insecure software deployment pipelines. Break down key takeaways and compile a comprehensive list of best practices for mitigating software supply chain security risks. Learn about the necessity of new security frameworks, including the NIST SSSDF and Google Salsa. Gain valuable insights into current gaps in the field and discover practical strategies to enhance your organization's software supply chain security posture.
Emerging Best Practices in Software Supply Chain Security - What We Can Learn from Google, the White House, OWASP, and Gartner
Security BSides San Francisco via YouTube
Overview
Syllabus
Introduction
Why do we need new security frameworks
NIST SSSDF
Google Salsa
Key Learnings
Gaps
Taught by
Security BSides San Francisco
Related Courses
-
Google SLSA and NIST SSDF - Emerging Software Supply Chain Security Best Practices
-
Open Source Software Supply Chain Security - Understanding Threats and Best Practices
-
Software Supply Chain Security
-
Securing the Software Supply Chain: From Threats to Best Practices
-
Securing the Open Source Software Supply Chain
-
Cryptographic Governance - Software Supply Chain Security with CBOM
