DOP 111: What Are Software Supply Chain Attacks?
Episode 111

DevOps Paradox · Darin Pope & Viktor Farcic

June 16, 2021 · 27m 37s

Show Notes

#111: Ever since Alex Birsan published his Dependency Confusion article in February 2021, the concept of the software supply chain has come to the forefront. The supply chain should not be a new concept to people, but many seem to have been caught off guard. Today we talk about Alex's article along with a new project that allows you to manage your supply chain security in Tekton.

https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610

https://security.googleblog.com/2021/06/verifiable-supply-chain-metadata-for.html

https://cloud.google.com/blog/products/identity-security/how-were-helping-reshape-software-supply-chain-ecosystem-securely

https://portswigger.net/daily-swig/software-supply-chain-attacks-everything-you-need-to-know

https://www.cisa.gov/publication/software-supply-chain-attacks

https://www.whitesourcesoftware.com/resources/blog/software-supply-chain-attacks/

https://deps.dev/

YouTube channel:

https://youtube.com/devopsparadox/

Books and Courses:

Catalog, Patterns, And Blueprints

https://www.devopstoolkitseries.com/posts/catalog/

Kubernetes Chaos Engineering With Chaos Toolkit And Istio

https://www.devopstoolkitseries.com/posts/chaos/

Canary Deployments To Kubernetes Using Istio and Friends

https://www.devopstoolkitseries.com/posts/canary/

Review the podcast on Apple Podcasts:

https://www.devopsparadox.com/review-podcast/

Slack:

https://www.devopsparadox.com/slack/

Connect with us at:

https://www.devopsparadox.com/contact/