Security Concerns in Every Stage of the Software Supply Chain

Conf42 via YouTube

Overview

Explore security concerns throughout the software supply chain in this 36-minute conference talk from Conf42 DevOps 2024. Delve into topics such as security through obfuscation, the MOVEit Transfer vulnerability, and the importance of developer education in coding safely. Examine software dependencies, including the Synopsys 2023 OSSRA report findings and Supply-chain Levels for Software Artifacts. Learn about dependency confusion attacks, package mining, and the infamous left-pad incident. Investigate container development challenges and discover hope through OWASP resources, OpenSSF courses, and actionable steps to improve security practices. Gain valuable insights to address vulnerabilities and strengthen your software development process from start to finish.

Syllabus

intro
preamble
background - melissa mckay
jfrog & nginx series
security through obfuscation
moveit transfer vulnerability progress
owasp joke essay
coding safely: developer education
software dependencies
synopsys 2023 ossra report cyrc findings from 2022
supply-chain levels for software artifacts
dependency confusion attack - package mining
managing open source dependencies
the left-pad incident
container development
is there any hope???
what else can we do?
owasp resources cheat sheets
openssf trio of free courses
what can we do???
questions?

Taught by

Conf42
