Explore the challenges and solutions for securing diverse supply chains in interconnected systems through this insightful conference talk. Discover how SpaceX tackles the complexities of managing software components, libraries, and tooling across various teams and departments. Learn about the implementation of Software Bill of Materials (SBOM) and vulnerability discovery tools, including Syft, Grype, and OWASP Dependency Check, integrated into software development processes and continuous integration pipelines. Gain valuable insights on reducing cycle time for developers to address potential vulnerabilities and efficiently prioritizing work across projects. Understand the importance of layered security approaches in large software systems and how they contribute to more effective vulnerability management and mitigation strategies.
Securing Diverse Supply Chains Across Interconnected Systems
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Securing Diverse Supply Chains Across Interconnected Systems - Wayne Starr & Aaron Creel
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Supply Chain Risk Management with OWASP Dependency-Check
-
A Radiography of a SBOM Vulnerability Scanner
-
Securing Software Supply Chains with In-Toto
-
Securing Your Supply Chain with an Open Source Ecosystem
-
Securing Software Supply Chain - Problems, Solutions, and AI/ML Challenges
-
OWASP Dependency Track - Software Composition Analysis and Vulnerability Management
