Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Using CNCF Best Practices to Enhance Software Supply Chain Security

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore how CNCF best practices for software supply chain security were implemented at 3M to enhance their security posture in this conference talk. Learn about the journey to improve code security, including the evangelization of improved security policies and informing various organizational functions. Discover how these best practices were applied to enhance policy, process, procedure, and build across the Software Development Lifecycle, with a focus on securing open-source components. Gain insights into 3M's response to supply chain attacks and vulnerabilities like Log4J, and understand their approach to implementing standards-based Software Bill of Materials (SBOM). The presentation covers topics such as DevSecOps, Joe Biden's Executive Cyber Security Order, the CNCF document, dynamic inventory, and valuable lessons learned throughout the process.

Syllabus

Intro
Ryan Gibbons 3M
Software Supply Chain
How This Worked at 3M
Where Did We Start
Before and After
DevSecops
Joe Bidens Executive Cyber Security Order
The CNCF Document
What is it about
The document
Conors approach
Dynamic Inventory
Lessons Learned

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Using CNCF Best Practices to Enhance Software Supply Chain Security

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.