Modernizing the Management of Your Software Supply Chain - Tom Gibson - ASW #169 - a podcast by Security Weekly

SBOM: What does it really tell you and the importance of having one for your organization.

- Finding and fixing known vulnerabilities in dependencies and container images

- Building a source of truth for packages to avoid malicious packages getting through

- Combining continuous packaging and security into a CI/CD pipeline

- Establishing Trust & Provenance in your Software Supply Chain

- Visibility in your Software Supply Chain with upstreams and signatures

 

This segment is sponsored by Cloudsmith. Visit https://securityweekly.com/cloudsmith to learn more about them!

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw169

Further episodes of Application Security Weekly (Video)

Further podcasts by Security Weekly

Website of Security Weekly