34 min listen
DOP 111: What Are Software Supply Chain Attacks?
FromDevOps Paradox
ratings:
Length:
28 minutes
Released:
Jun 16, 2021
Format:
Podcast episode
Description
#111: Ever since Alex Birsan published his Dependency Confusion article in February 2021, the concept of the software supply chain has come to the forefront. The supply chain should not be a new concept to people, but many seemed to have been caught off guard. Today we talk about Alex's article along with a new project that allows you to manage your supply chain security in Tekton. https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610 https://security.googleblog.com/2021/06/verifiable-supply-chain-metadata-for.html https://cloud.google.com/blog/products/identity-security/how-were-helping-reshape-software-supply-chain-ecosystem-securely https://portswigger.net/daily-swig/software-supply-chain-attacks-everything-you-need-to-know https://www.cisa.gov/publication/software-supply-chain-attacks https://www.whitesourcesoftware.com/resources/blog/software-supply-chain-attacks/ https://deps.dev/ YouTube channel: https://youtube.com/devopsparadox/ Books and Courses: Catalog, Patterns, And Blueprints https://www.devopstoolkitseries.com/posts/catalog/ Kubernetes Chaos Engineering With Chaos Toolkit And Istio https://www.devopstoolkitseries.com/posts/chaos/ Canary Deployments To Kubernetes Using Istio and Friends https://www.devopstoolkitseries.com/posts/canary/ Review the podcast on Apple Podcasts: https://www.devopsparadox.com/review-podcast/ Slack: https://www.devopsparadox.com/slack/ Connect with us at: https://www.devopsparadox.com/contact/
Released:
Jun 16, 2021
Format:
Podcast episode
Titles in the series (100)
DOP 5: Do We Still Need Configuration Management?: #5: Chef...Puppet...Ansible...Terraform...CFEngine. These are some of the big names in configuration management. In today's episode, we debate are these "classic" tools still applicable in today's DevOps world. Signup for access to the Slack workspace: by DevOps Paradox