SCRM and Supply Chain Security Up and Down the Stack - Steve Orrin - BTS #11


Below the Surface (Audio) - The Supply Chain Security Podcast · Eclypsium

May 31, 2023 · 57m 45s


Show Notes

Supply chain threats and industry and government initiatives like EO 14028 are driving a deeper understanding of, and a set of requirements for, applying supply chain risk management (SCRM) and increased transparency (e.g., SBOM) across the software ecosystem, up and down the stack. Platform and system firmware present unique challenges for supply chain assurance from the depths of the stack.

Segment Resources:

ESF: Securing the Software Supply Chain for Customers https://media.defense.gov/2022/Nov/17/2003116444/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_CUSTOMER_SLICKSHEET.PDF

https://media.defense.gov/2022/Nov/17/2003116445/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_CUSTOMER.PDF

ESF: Securing the Software Supply Chain for Suppliers https://media.defense.gov/2022/Oct/31/2003105572/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_SUPPLIERS_SLICKSHEET.PDF

https://media.defense.gov/2022/Oct/31/2003105368/-1/-1/0/SECURING_THE_SOFTWARE_SUPPLY_CHAIN_SUPPLIERS.PDF

ESF: Securing the Software Supply Chain for Developers https://media.defense.gov/2022/Sep/01/2003068942/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_DEVELOPERS.PDF

CISA SBOM Site https://www.cisa.gov/sbom

Show Notes: https://securityweekly.com/bts-11