Supply Chain Management - Doug Barbin - ASW #147

Security Weekly Podcast Network (Video) · Security Weekly Productions

April 19, 202133m 46s

Audio is streamed directly from the publisher (dts.podtrac.com) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.

Original episode page

Show Notes

Supply chain security isn't new, despite the renewed attention from the Solar Winds attack. It has old challenges, like having an accurate asset or app inventory, and new opportunities, like Software Bill of Materials. From consequences to code integrity, DevOps teams need to understand how to protect their own code from others' components.

Additional resources:

- National Supply Chain Integrity Month, https://www.cisa.gov/supply-chain-integrity-month

- SCRM vendor template, https://www.cisa.gov/publication/ict-scrm-task-force-vendor-template

- CWE VIEW: Hardware Design, https://cwe.mitre.org/data/definitions/1194.html

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw147

← All episodes of Security Weekly Podcast Network (Video)