Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

CNCF [Cloud Native Computing Foundation]

Fight Back Against Cyber Risk in the Software Supply Chain - Secure DevSecOps Pipeline for Regulated Environments

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore strategies to combat cyber risks in the software supply chain through a secure and compliant DevSecOps pipeline designed for regulated environments. Learn from IBM experts Krishna Rajeesh Nallur Valiyaveettil and Brendan Kelly as they share their experience helping clients address security challenges using open-source tools. Discover best practices for secure software supply chains, including reliable automation with Everything as Code, early mitigation of security risks, standardization, and evidence gathering for audits. Gain insights into a specific solution based on the BIAN architectural framework for banking interoperability, demonstrating the application of Continuous Integration, Continuous Deployment, and Continuous Compliance using open-source tools like Tekton, Terraform, and SonarQube. Understand the importance of secure DevSecOps pipelines in regulated environments, particularly in the financial services sector, and learn how to implement these practices to reduce cyber threats and ensure safe deployment of regulated workloads.

Syllabus

Intro
Cyber Risk affecting SW Supply Chains
Supply Chain Risks
DevSecOps Pipeline Principles
Continuous Integration
Continuous Delivery/Deployment
Continuous Compliance
Case Study - BIAN
BIAN Pipeline Flow
Lessons Learned

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Fight Back Against Cyber Risk in the Software Supply Chain - Secure DevSecOps Pipeline for Regulated Environments

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.