
#66 - Working On The Supply Chain Gang

Feb 21, 2022 | 21 min | Ep. 66

Episode description

On this episode of CISO Tradecraft, you can learn about supply chain vulnerabilities and the 6 important steps you can take to mitigate this type of attack within your organization:

  1. Centralize your software code repository
  2. Centralize your artifact repository
  3. Scan open source software for malware
  4. Scan software for vulnerabilities and vendor support
  5. Run a Web Application Firewall (WAF)
  6. Run Runtime Application Self-Protection (RASP)

References:

https://owasp.org/www-project-threat-and-safeguard-matrix/

https://slsa.dev/
