Explore a powerful CLI tool for Go that enhances security by identifying privileged permissions in package dependencies. Dive into the world of supply chain threats and learn how static analysis can prevent attacks and promote secure coding practices within the Go ecosystem. Discover how this tool provides crucial visibility into package behaviors, helping developers detect unexpected capabilities and potential vulnerabilities. Gain insights into the importance of understanding implicit package capabilities and how this knowledge can be leveraged to strengthen your Go projects against supply chain attacks.
Understanding Supply Chain Threats with Static Analysis - GopherCon 2023
Overview
Syllabus
GopherCon 2023: Jess McClintock - Understanding Supply Chain Threats with Static Analysis
Taught by
Gopher Academy
Related Courses
-
DevOps with GitHub and Azure: Implementing Software Supply Chain Security with GitHub
-
Capslock: Escaping Bad Dependencies
-
Supply Chain Security with Go
-
Supply Chain Attacks - Focusing on NPM Vulnerabilities and Defenses
-
Security Concerns in Every Stage of the Software Supply Chain
-
Securing the Software Supply Chain - Go Checksum Database
