Guests:

Eric Brewer, VP of Infrastructure, and Google Fellow @ Google
Aparna Sinha, Director of Product Management @ Google Cloud

Topics:

What is software supply chain security and how is it different from other kinds of supply chain security?
What types of organizations need to care about it? Is supply chain security a concern for large, elite enterprises only?
What’s the relationship between what we’re doing here, and what SBOM is?
Can you talk us through a quick threat assessment of a supply chain security issue? What are the realistic threats here and who are the threat actors involved?
How does Google try to solve these problems internally? Have we succeeded?
How does this translate into our products?
By the way, what’s SLSA?

Resources:

“Container Security: Building trust in your software supply chain” (live event on July 29, 2021)
“Tracking The Trail Of Software: The Key To Boosting Security”
“Introducing SLSA, an End-to-End Framework for Supply Chain Integrity”
DORA study