Emerging Best Practices in Software Supply Chain Security - What We Can Learn from Google, the White House, OWASP, and Gartner
Security BSides San Francisco via YouTube
Overview
This course covers emerging best practices in software supply chain security by analyzing guidelines from Google, the White House, OWASP, and Gartner. The goal is to identify key takeaways and compile a list of best practices for mitigating security risks in software deployment pipelines. The course teaches about the NIST SSSDF framework, Google Salsa, and key learnings in this area. The teaching method involves breaking down the guidelines and discussing gaps in current security frameworks. This course is intended for individuals interested in enhancing software supply chain security practices.
Syllabus
Introduction
Why do we need new security frameworks
NIST SSSDF
Google Salsa
Key Learnings
Gaps
Taught by
Security BSides San Francisco