"Trust and Risk in the Software Supply Chain.pdf" was shared by a member and can be read online. For more related to "Trust and Risk in the Software Supply Chain.pdf" (5 pages), search on 三个皮匠报告.
Trust and Risk in the software supply chain
Emmy Eide, Director, Supply Chain Security, Product Security, Red Hat

2022 State of the Software Supply Chain - Sonatype

What is happening?
Supply chain attacks are increasing
We are probably more vulnerable than we think

Security Tools and Ideas
Security partnerships transform ideas to results

Guidelines and Expectations: Set forth ground rules (driven by policies as code) that engineers should be aware of up front
Coordinate Implementation: Consider development planning timelines, integration requirements, and maintenance upkeep
Tie it back to Risk: Be able to articulate why IdM is important, what signing provides our customer, the risk of not scanning code and infrastructure throughout the supply chain.

Red Hat is the world's leading provider of enterprise open source software solutions. Award-winning support, training, and consulting services make Red Hat a trusted adviser to the Fortune 500.