Overview
Dive into a comprehensive exploration of software supply chain security in this 18-minute conference talk by Abdullah Garcia from J.P. Morgan. Gain valuable insights into the incremental nature of software supply chain attacks and learn how to analyze processes for software ingestion, integration, and testing to account for Supplier Risk. Discover the benefits and vulnerabilities of open source software within the supply chain context. Understand how a risk-based model can effectively respond to attacks, even when detected later in the supply chain. Acquire critical knowledge about necessary changes in processes and software tools, including open source solutions, to support this approach. Walk away with a deeper understanding of how to implement a risk-based strategy to enhance software supply chain security in your organization.
Syllabus
Exploring a Risk Approach to Software Supply Chain Security - Abdullah Garcia, J.P. Morgan
Taught by
OpenSSF