Explore the critical aspects of securing the software supply chain in this 25-minute DockerCon 2021 talk by Brendan O'Leary. Delve into recent high-profile supply chain attacks, including the SolarWinds and FireEye hacks, to understand their implications. Learn about dependencies, the components of a software supply chain, and the importance of production systems in the overall security landscape. Examine survey results from the DefSec Op Survey to gain insights into industry practices. Discover strategies for implementing a robust supply chain defense-in-depth approach to protect your organization from potential vulnerabilities and threats.
As Strong as the Weakest Link - Securing the Software Supply Chain
Overview
Syllabus
Introduction
Supply Chain Attacks
SolarWinds Hack
FireEye Hack
SolarWinds
Dependencies
Meet Brent
What is a dependency
What is a software supply chain
What does a software supply chain include
Production systems
Supply chain security
DefSec Op Survey
Supply Chain Defense in Depth
Outro
Taught by
Docker
Related Courses
-
Developer Security Champion: Supply Chain Security
-
Supply Chain Risk Management with OWASP Dependency-Check
-
DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
-
Securing Python Projects Supply Chain
-
Securing the Software Supply Chain: From Threats to Best Practices
-
Securing Your .NET Application Software Supply Chain
