Using CNCF Best Practices for Software Supply Chain to Guide and Enhance Your Security Posture - Ryan Gibbons, 3m & Conor Rogers, Stelligent

less than 1 minute read

Abstract

In this presentation the 3M team will describe how CNCF best practices were used to inform requirements for secure software development capabilities throughout the 3M software supply chain and our journey to improve the code security posture. The team will describe how CNCF best practices were used to evangelize an improved security policy and inform Security, Legal, Risk and Delivery Management functions. Using the CNCF best practices the 3M team will tell the story of how these best practices were used to enhance policy, process, procedure and build across the Software Development Lifecycle. We will tell our story of Securing The Software Supply Chain with a particular emphasis on Opensource Components and we will share how our efforts to date have helped the organization to respond to and prepare for Supply Chain Attacks and vulnerabilities such as Log4J. Finally we will hope to help the community on accelerating their journey to the standards based SBOM (Software Bill Of Materials).Click here to view captioning/translation in the MeetingPlay platform!

Sched URL

Video

Twitter Facebook LinkedIn

About

Conferences

Using CNCF Best Practices for Software Supply Chain to Guide and Enhance Your Security Posture - Ryan Gibbons, 3m & Conor Rogers, Stelligent

Abstract

Video

You May Also Enjoy

You Shall Not Pass! Unless You Are GUAC Verified…. - Parth Patel, Kusari & Dejan Bosanac, Red Hat

Living off the Land Techniques in Managed Kubernetes Clusters - Ronen Shustin & Shay Berkovich, Wiz

Leveraging OCI 1.1 for Enhanced SBOM Integration and Vulnerability Scanning in Harbor - Anais Urlichs, Aqua Security & Shengwen Yu, VMware

Lessons Learned from Generating 100M SBOMs: Google’s Approach to SBOM Compliance - Brandon Lum & Isaac Hepworth, Google