Learn how to navigate the complex landscape of software supply chain security in this 15-minute DevSecCon conference talk that demystifies key concepts like SBOM, VEX, SLSA, and GUAC. Explore beyond surface-level compliance requirements to gain a deeper understanding of why these security measures matter and how they protect against current and future threats. Discover practical insights into source code analysis and supply chain security that will help make informed decisions about implementing security tools and strategies to better protect your organization.
Understanding Software Component Analysis (SCA) in Plain Language
Overview
Syllabus
What is going on in your source code? Understanding SCA in plain language
Taught by
DevSecCon
Related Courses
-
What Is Going On In Your Source Code? Understanding Software Component Analysis in Plain Language
-
DevSecOps Fundamentals
-
Software Supply Chain Security for Those in a Rush
-
Eliminating the Unknowns: Using GUAC to Better Understand Your Software Supply Chain
-
GUAC Verification for Software Supply Chain Security
-
Open Source Software Supply Chain Security - Understanding Threats and Best Practices
