Overview
Explore the critical aspects of securing the software supply chain in this 25-minute DockerCon 2021 talk by Brendan O'Leary. Delve into recent high-profile supply chain attacks, including the SolarWinds and FireEye hacks, to understand their implications. Learn about dependencies, the components of a software supply chain, and the importance of production systems in the overall security landscape. Examine survey results from the DefSec Op Survey to gain insights into industry practices. Discover strategies for implementing a robust supply chain defense-in-depth approach to protect your organization from potential vulnerabilities and threats.
Syllabus
Introduction
Supply Chain Attacks
SolarWinds Hack
FireEye Hack
SolarWinds
Dependencies
Meet Brent
What is a dependency
What is a software supply chain
What does a software supply chain include
Production systems
Supply chain security
DefSec Op Survey
Supply Chain Defense in Depth
Outro
Taught by
Docker