Modernizing the Management of Your Software Supply Chain - Tom Gibson - ASW #169 - a podcast by Security Weekly
from 2021-10-11T21:00
SBOM: What does it really tell you and the importance of having one for your organization.
- Finding and fixing known vulnerabilities in dependencies and container images
- Building a source of truth for packages to avoid malicious packages getting through
- Combining continuous packaging and security into a CI/CD pipeline
- Establishing Trust & Provenance in your Software Supply Chain
- Visibility in your Software Supply Chain with upstreams and signatures
This segment is sponsored by Cloudsmith. Visit https://securityweekly.com/cloudsmith to learn more about them!
Visit https://www.securityweekly.com/asw for all the latest episodes!
Show Notes: https://securityweekly.com/asw169
Further episodes of Application Security Weekly (Video)
Further podcasts by Security Weekly
Website of Security Weekly