Artwork

Content provided by Better Informed Network. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Better Informed Network or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Player FM - Podcast App
Go offline with the Player FM app!

Securing the Software Supply Chain: Recommended Practices for Developers

13:08
 
Share
 

Manage episode 451809905 series 3618465
Content provided by Better Informed Network. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Better Informed Network or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

This episode offers a guide to securing software supply chains, focusing on recommended practices for developers, suppliers, and customers. with detailed best practices for developers, emphasizing secure coding, build environment hardening, third-party component verification, and vulnerability response. The episode stresses the importance of secure development lifecycle (SDLC) processes, threat modeling, and artifact creation for auditing and verification. We discuss relevant frameworks like NIST SP 800-218 (SSDF) and SLSA, providing a crosswalk between its recommendations and these standards.

  continue reading

4 episodes

Artwork
iconShare
 
Manage episode 451809905 series 3618465
Content provided by Better Informed Network. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Better Informed Network or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.

This episode offers a guide to securing software supply chains, focusing on recommended practices for developers, suppliers, and customers. with detailed best practices for developers, emphasizing secure coding, build environment hardening, third-party component verification, and vulnerability response. The episode stresses the importance of secure development lifecycle (SDLC) processes, threat modeling, and artifact creation for auditing and verification. We discuss relevant frameworks like NIST SP 800-218 (SSDF) and SLSA, providing a crosswalk between its recommendations and these standards.

  continue reading

4 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Quick Reference Guide

Copyright 2025 | Privacy Policy | Terms of Service | | Copyright
Listen to this show while you explore
Play