Application Security Weekly (Video) artwork

Modernizing the Management of Your Software Supply Chain - Tom Gibson - ASW #169

Application Security Weekly (Video)

English - October 11, 2021 21:00 - 35 minutes - 164 MB Video - ★★★★ - 5 ratings
Technology News Tech News devops technology video applicationsecurityweekly appsec asw keithhoodlet paulasadoorian sdlcsecurity Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Prototype Pollution, Funding Open Source Security, Expiring Root CA, Mariana Trench - ASW #168
Next Episode: Twitch Breach, HTTPd Path Traversal, Disabling Macros, & Great Cybersecurity Programs - ASW #169

SBOM: What does it really tell you and the importance of having one for your organization.

- Finding and fixing known vulnerabilities in dependencies and container images

- Building a source of truth for packages to avoid malicious packages getting through

- Combining continuous packaging and security into a CI/CD pipeline

- Establishing Trust & Provenance in your Software Supply Chain

- Visibility in your Software Supply Chain with upstreams and signatures

 

This segment is sponsored by Cloudsmith. Visit https://securityweekly.com/cloudsmith to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw169