Info

Paul's Security Weekly TV

Security news, interviews, how-to technical segments. For security professionals by security professionals. We Hack Naked.
RSS Feed Subscribe in Apple Podcasts
Paul's Security Weekly TV
2021
November
October
September
August
July
June
May
April
March
February
January


2020
December
November
October
September
August
July
June
May
April
March
February
January


2019
December
November
October
September
August
July
June
May
April
March
February
January


2018
December
November
October
September
August
July
June
May
April
March
February
January


2017
December
November
October
September
August
July
June
May
April
March
February
January


2016
December
November
October
September
August
July
June
May
April
March
February
January


2015
December
November
October
September
August
July
June
May
April
March
February
January


2014
December
November
October
September
August
July
June
May
April
March
February
January


2013
December
November
October
September
August
July
June


Categories

All Episodes
Archives
Categories
Now displaying: Category: interview,Application Security,Compliance,DevOps,Threat Modeling
Apr 19, 2021

Supply chain security isn't new, despite the renewed attention from the Solar Winds attack. It has old challenges, like having an accurate asset or app inventory, and new opportunities, like Software Bill of Materials. From consequences to code integrity, DevOps teams need to understand how to protect their own code from others' components.

Additional resources:

- National Supply Chain Integrity Month, https://www.cisa.gov/supply-chain-integrity-month

- SCRM vendor template, https://www.cisa.gov/publication/ict-scrm-task-force-vendor-template

- CWE VIEW: Hardware Design, https://cwe.mitre.org/data/definitions/1194.html

 

Visit https://www.securityweekly.com/asw for all the latest episodes!

Show Notes: https://securityweekly.com/asw147

1