CISO Tradecraft® artwork

CISO Tradecraft: Working On The Supply Chain Gang

CISO Tradecraft®

English - February 21, 2022 11:58 - 20 minutes - 28.4 MB - ★★★★★ - 46 ratings
Technology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: #65 - Shall We Play A Game?
Next Episode: #67 - Knock, Knock? Who’s There and Whatcha Want?

On this episode of CISO Tradecraft, you can learn about supply chain vulnerabilities and the 6 important steps you can take to mitigate this attack within your organization:

Centralize your software code repository

Centralize your artifact repository

Scan open source software for malware

Scan software for vulnerabilities and vendor support

Run a Web Application Firewall (WAF)

Run a Runtime Application Self Protection (RASP)

References:

https://owasp.org/www-project-threat-and-safeguard-matrix/

https://slsa.dev/

Infographic: