Join a 50-minute Linux Foundation live webinar exploring comprehensive supply chain security strategies. Delve into InfoSec principles, "everything as code" approaches, and the importance of supply chain context. Learn about declarative and deterministic security practices, securing various layers from infrastructure to application code, and protecting dependencies. Explore techniques for safeguarding open-source supply chains, container images, and deployments. Discover best practices for maintaining runtime security and gain valuable insights to enhance your organization's overall security posture.
Supply Chain Security: From Infrastructure to Application, Code to Cloud
Overview
Syllabus
Intro
Security (A.K.A. InfoSec)
Everything as code
Invert our thinking
The Importance of Supply Chain Context - Part 1
Declarative = Deterministic
The (Supply Chain) Layers
Secure the base (or cloud)
Securing the code (The actual application source code)
Securing your dependencies FRIENDS
Securing the (OSS) supply chain
Securing the image • Pros Teaches best practices
Layer 5: Securing the deployment . Abstractions Difficult to scan the code
The Runtime - Maintain the state of security!
Key takeaways
Taught by
Linux Foundation
Tags
Related Courses
-
Developer Security Champion: Supply Chain Security
-
Protecting Ourselves from CNCFgate - Software Supply Chain Security at CNCF - Practices, and Tools
-
Open Source Supply Chain Security for Enterprises
-
Securing the Unseen: Defending Against Open Source Software Supply Chain Attacks
-
Beyond the Code - SBOM and Supply Chain Security
-
How to Secure Your Software Supply Chain on Windows Server
