Explore the Open Software Supply Chain Attack Reference (OSC&R), a new security framework addressing software supply chain vulnerabilities, in this 42-minute OWASP Foundation conference talk. Gain insights into the unique characteristics of the software supply chain ecosystem and learn how to apply the OSC&R model through real-world examples. Analyze past attacks, assess security postures, conduct tabletop exercises, and address incident response and crisis management. Acquire the knowledge and skills to evaluate DevSecOps programs and improve overall software supply chain security posture.
Open Software Supply Chain Attack Reference (OSC&R) - OWASP Foundation
Overview
Syllabus
OSC&R - Open Software Supply Chain Attack Reference
Taught by
OWASP Foundation
Related Courses
-
Developer Security Champion: Supply Chain Security
-
Secure Software Supply Chain for CSSLP®
-
Supply Chain Risk Management with OWASP Dependency-Check
-
Enterprise Security Leadership: Understanding Supply Chain Security
-
XZ Backdoor Supply Chain Vulnerability: What You Should Know
-
Incident Response Lifecycle
