High-profile software supply chain attacks and vulnerabilities – like SolarWinds and Log4j – represent the tip of the iceberg. Organizations can create additional transparency into the software supply chain by requiring a Software Bill of Materials (or SBoM), an inventory of all the constituent components and dependencies in developing and delivering an application. However, the concept of software supply chain security is much greater than an SBoM.
In this webinar, Dave Shackleford, principal at Voodoo Security and SANS instructor, explores the top tips for strengthening software supply chain security, including:
This webinar delivers best practice guidance on augmenting your third-party risk management program with a solid assessment strategy for your software vendors.