This course covers emerging best practices in software supply chain security by analyzing guidelines from Google, the White House, OWASP, and Gartner. The goal is to identify key takeaways and compile a list of best practices for mitigating security risks in software deployment pipelines. The course teaches about the NIST SSSDF framework, Google Salsa, and key learnings in this area. The teaching method involves breaking down the guidelines and discussing gaps in current security frameworks. This course is intended for individuals interested in enhancing software supply chain security practices.
Emerging Best Practices in Software Supply Chain Security - What We Can Learn from Google, the White House, OWASP, and Gartner
Security BSides San Francisco via YouTube
Overview
Syllabus
Introduction
Why do we need new security frameworks
NIST SSSDF
Google Salsa
Key Learnings
Gaps
Taught by
Security BSides San Francisco
Related Courses
-
Securing the Open Source Software Supply Chain
-
Taking Control of Cyber-Supply Chain Security
-
Getting Started with Supply Chain Security is Easier Than You Think - Perspectives From a Highly Regulated Industry
-
Supply Chain Security for OpenSource Projects
-
Broken Links - Emergence and Future of Software-Supply Chain Compromises
-
Why You Should Care About Open Source Supply Chain Security
