Explore the critical aspects of software security in this 32-minute tutorial focusing on the Struts2 vulnerability. Delve into the evolution of software development practices, from Agile to DevOps, and understand the advantages and risks associated with open source. Examine real-world examples of software supply chain attacks, including the Confluence Server and PipeI Package incidents. Learn about the Biden Executive Order's impact on cybersecurity. Participate in a hands-on workshop to gain practical experience in identifying and addressing vulnerabilities. Discover tools like OS Index for assessing package popularity and security risks across multiple programming languages. Gain insights into integrations and be prepared to tackle questions about modern software security challenges.
Struts2 Vulnerability Workshop - Securing Applications Against Supply Chain Attacks
Overview
Syllabus
Introduction
Why are we building software
Large change in the way we develop
Agile to DevOps
Open Source
Disadvantages of Open Source
Software Supply Chain Attacks
Confluence Server Attack
PipeI Package Attack
Biden Executive Order
Evil Hackers
Workshop Walkthrough
Requirements
Setup
Instructions
OS Index
OS Index Overview
Supported Languages
AHAB
How popular is that package
Integrations
Questions
Taught by
Linux Foundation
Tags
Related Courses
-
Securing the Unseen: Defending Against Open Source Software Supply Chain Attacks
-
Security Concerns in Every Stage of the Software Supply Chain
-
Securing the Software Supply Chain: From Threats to Best Practices
-
Supply Chain Armoring: Tools and Techniques for Open Source Projects
-
Protect Yourself Against Supply Chain Attacks
-
Secure Software Supply Chains for Python
