Video details

Adapting DevOps in a World of Growing Software Supply Chain Attacks • Adam Such • GOTO 2021

12.01.2021
English

This presentation was recorded at GOTO Copenhagen 2021. #GOTOcon #GOTOcph http://gotocph.com
Adam Such - Principal Solutions Architect for the Nordics region at Sonatype
ABSTRACT Instinctively, we understand how critical this is, especially in a time of growing high profile attacks on software supply chains across the world - most recently Dependency Confusion, the Cloudflare and SolarWinds breach - embracing security as a development team has never been more important. Done properly, DevSecOps practices shouldn’t interrupt the DevOps pipeline - but instead aid it - preventing costly rebuilds and build failures, down the road. By creating automated governance that is embedded early and throughout the software development lifecycle, developers have transparent access to digital guardrails integrated within our native tools — an approach that ensures security is being built in without slowing [...]
TIMECODES 00:00 Intro 02:12 What you will learn 03:00 Why is there a new wave of cybersecurity attacks? 06:34 Where do vulnerabilities enter your supply chain? 12:37 Typosquatting 15:46 Namespace confusion 18:06 Malicious code injections 20:40 How to prevent future attacks? 22:30 8 Rules 31:20 Outro
Read the full abstract here: https://gotocph.com/2021/sessions/1959/adapting-devops-in-a-world-of-growing-software-supply-chain-attacks
RECOMMENDED BOOKS Aaron Parecki • OAuth 2.0 Simplified • https://amzn.to/2A3IMOf Aaron Parecki • OAuth 2.0 Servers • https://amzn.to/3ecHEsz Aaron Parecki • The Little Book of OAuth 2.0 RFCs • https://amzn.to/3i7qnlC Erdal Ozkaya • Cybersecurity: The Beginner's Guide • https://amzn.to/2T6OIj3 Forsgren, Humble & Kim • Accelerate: The Science of Lean Software and DevOps • https://amzn.to/3tCz1xO John Arundel & Justin Domingus • Cloud Native DevOps with Kubernetes • https://amzn.to/3hKZvI5 Wynne, Hellesoy & Tooke • The Cucumber Book • https://amzn.to/3tEUINJ Robert C. Myers • Essential Test-Driven Development • https://amzn.to/2Xc8ZWa Roy Osherove • The Art of Unit Testing • https://bit.ly/3obiKNB Eric Ries • The Lean Startup • https://amzn.to/396fOva Ronnie Mitra & Irakli Nadareishvili • Microservices: Up and Running• https://amzn.to/3c4HmmL
https://twitter.com/GOTOcon https://www.linkedin.com/company/goto- https://www.facebook.com/GOTOConferences #DevOps #FutureOfDevOps #Maven #npm #GoLang #NuGet #RubyGems #PyPl #CyberSecurity #Security #DevSecOps #Typosquatting #NamespaceConfusion #CodeInjectinos #MTTU
Looking for a unique learning experience? Attend the next GOTO conference near you! Get your ticket at https://gotopia.tech
SUBSCRIBE TO OUR CHANNEL - new videos posted almost daily. https://www.youtube.com/user/GotoConferences/?sub_confirmation=1