Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Securing the Software Supply Chain - Beyond SBOM Risk Assessment

Conf42 via YouTube

Overview

Explore a comprehensive conference talk on securing the software supply chain, delivered at Conf42 DevSecOps 2023. Dive into the fundamentals of software composition analysis and risk management, examining contributor profiles, project dynamics, code quality, and vulnerability assessments. Learn how to integrate security measures into deployment pipelines, implement DevSecOps practices, and streamline security assessments. Gain insights on initiating and maintaining a robust security strategy for your software development process, including the introduction of new web service platforms and tools like SourceMotion.

Syllabus

intro
preamble
agenda
marek and aleksander
risk model
fundamentals
whys and whats of software composition analysis
risks - what if we don't?
software composition analysis - risk management scarm
contributor profile
project activity = project dynamics
code quality
vulnerabilities cve dynamics
how to plug it into the software deployment pipeline?
production pipeline
devsecops by linux polska
how to make it happen? just start...
new web service platform...
streamline your security assessments
sourcemotion
thank you, contact us!

Taught by

Conf42

Reviews

Start your review of Securing the Software Supply Chain - Beyond SBOM Risk Assessment

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.