Overview
Explore the critical issue of supply chain attacks in this 35-minute conference talk by Susan St. Clair from Whitesource. Delve into the current state of software supply chain security, examining key findings from the EU Threat Landscape Report. Gain insights into the vulnerabilities within the Composer ecosystem and understand the importance of Software Bills of Materials (SBOMs). Learn about best practices for mitigating risks and protecting your organization from potential threats. Discover why there is no one-size-fits-all solution and how to navigate the complex ecosystem of software dependencies. Equip yourself with the knowledge to address this new reality in cybersecurity and strengthen your organization's defenses against supply chain attacks.
Syllabus
Introduction
Software Supply Chain
EU Threat Landscape Report
State of Software Supply Chain
Composer
Know what the problem is
Software Bill of Materials
Machine readable
Fix nothing
How are we exposed
There is no silver bullet
The ecosystem
Best practices
Summary
Outro
Taught by
Linux Foundation