Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Securing the Software Supply Chain: From Threats to Best Practices

Linux Foundation via YouTube

Overview

Explore the critical aspects of securing the software supply chain in this comprehensive 59-minute fireside chat sponsored by Cloudsmith. Gain insights from industry experts as they delve into the history of supply chain security threats, security development, and deployment strategies. Learn about various types of attacks, including availability issues, dependency vulnerabilities, and development tool exploits. Discover ongoing open-source projects and initiatives addressing software supply chain security needs. Understand the challenges and considerations in tackling this complex problem. Explore Cloudsmith and ChainGuard's contributions to simplifying these issues and learn actionable steps for individuals and organizations to enhance software supply chain security. Dive into topics such as Software Bill of Materials, Executive Order 14028, provenance, open-source security, and best practices for building trust and implementing security by default.

Syllabus

Intro
Agenda
Introductions
About Cloudsmith
About Chain Guard
SolarWinds Attack
What is Software Supply Chain
Software Build Materials
Executive Order 14028
Provenance
Open Source
Trust
Security by default
Security attacks
Lets Encrypt
Cosine
Open source momentum
Shared ecosystem of providence
Meeting users where they are
Conclusion
The Challenge
Cosine and Salsa
Best Practices

Taught by

Linux Foundation

Reviews

Start your review of Securing the Software Supply Chain: From Threats to Best Practices

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.