Facebook Pixel
Application Security Weekly (Video)

Supply Chain Management - Doug Barbin - ASW #147

Supply chain security isn't new, despite the renewed attention from the Solar Winds attack. It has old challenges, like having an accurate asset or app inventory, and new opportunities, like Software Bill of Materials. From consequences to code integrity, DevOps teams need to understand how to protect their own code from others' components.

Additional resources:

- National Supply Chain Integrity Month, https://www.cisa.gov/supply-chain-integrity-month

- SCRM vendor template, https://www.cisa.gov/publication/ict-scrm-task-force-vendor-template

- CWE VIEW: Hardware Design, https://cwe.mitre.org/data/definitions/1194.html

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw147

Application Security Weekly (Video)
Not playing