Learn about the process, challenges, and key insights from an external security audit of the Adoptium project's Temurin JDK supply chain in this 29-minute conference talk. Gain valuable perspective on preparing for and executing security audits, from initial scope definition through post-audit actions. Discover how external auditors validate security processes, mitigate risks, and enhance cybersecurity posture through examination of critical code and software repositories. Follow along with firsthand engineering experiences and practical lessons that illuminate this essential process for maintaining secure software supply chains.
Navigating a Security Audit: Insights, Challenges and Lessons Learned from Temurin JDK
Eclipse Foundation via YouTube
Overview
Syllabus
Navigating a security audit, the insights, challenges, experiences and lessons learnt - OCX 2024
Taught by
Eclipse Foundation
Related Courses
-
Insights from Zephyr Security Audit and Vulnerability Experiences
-
Lessons Learned Building a Software Supply Chain Security Team
-
Enforcing Supply Chain Security and Simplifying Compliance Audit for ArgoCD Deployments
-
A Different Kind of S3 - First Line Security of the Supply Chain
-
Enhancing Software Supply Chain Security: Approaches to Software Composition Analysis
-
Software Supply Chain Security with TAG Security
