Overview
This webcast aims to help participants identify risks in their software supply chain through enhanced security testing and adversary simulation. It covers supply chain vulnerability, risks, and security, gives insights into supplier attacks and software vulnerabilities, and presents ways to mitigate risk through vendor risk assessments, policies, and various testing methods. The material is delivered as a presentation by an industry expert and is intended for individuals interested in enhancing their understanding of supply chain security and testing.
Syllabus
Introduction
John Sawyer
Overview
Paradigm Shift
Supply Chain Vulnerability
How far does the supply chain go
Supply chain risks
Supply chain security
Mimecast compromise
MITRE Enterprise ATT&CK Framework
Supply Chain Compromise
Supplier Attacks
Software Vulnerabilities
Example of a Compromise
What Can You Do
Vendor Risk Assessments
Policies
Intelligence gathering
Different areas of testing
Security
Penetration Testing
Source Code Security
Taught by
RSA Conference