Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Reflections on Trust in the Software Supply Chain

OWASP Foundation via YouTube

Overview

Explore the critical landscape of software supply chain security in this 45-minute OWASP 2023 Global AppSec DC conference talk. Examine the current state and challenges organizations face in ensuring software security and trustworthiness. Evaluate ongoing efforts such as Supply-chain Levels for Software Artifacts (SLSA), Software Bill of Materials (SBOM), code signing, and build tool chain security. Witness a demonstration exposing potential security theater in some current initiatives. Conclude with an insightful discussion on binary-source validation as a promising solution for enhancing software supply chain security. Gain valuable insights from Jeremy Long, Principal Security Engineer at ServiceNow and founder of the OWASP dependency-check project, as he shares his expertise in security automation and secure development processes.

Syllabus

Reflections on Trust in the Software Supply Chain

Taught by

OWASP Foundation

Reviews

Start your review of Reflections on Trust in the Software Supply Chain

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.