Sign up to save your podcasts
Or
Share SCRM and Supply Chain Security Up and Down the Stack - Steve Orrin - BTS #11
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
SCRM and Supply Chain Security Up and Down the Stack - Steve Orrin - BTS #11
Supply Chain threats and industry / government initiatives like EO 14028 are driving a deeper understanding and a set of requirements for applying supply chain risk management (SCRM) and increased transparency (ex. SBOM) across the software ecosystem up and down the stack. Platform and system firmware present unique challenges for supply chain assurance from the depths of the stack.
Segment Resources:
ESF: Securing the Software Supply Chain for Customers https://media.defense.gov/2022/Nov/17/2003116444/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_CUSTOMER_SLICKSHEET.PDF
https://media.defense.gov/2022/Nov/17/2003116445/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_CUSTOMER.PDF
ESF: Securing the Software Supply Chain for Suppliers https://media.defense.gov/2022/Oct/31/2003105572/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_SUPPLIERS_SLICKSHEET.PDF
https://media.defense.gov/2022/Oct/31/2003105368/-1/-1/0/SECURING_THE_SOFTWARE_SUPPLY_CHAIN_SUPPLIERS.PDF
ESF: Securing the Software Supply Chain for Developers https://media.defense.gov/2022/Sep/01/2003068942/-1/-1/0/ESF_
SECURING_THE_SOFTWARE_SUPPLY_CHAIN_DEVELOPERS.PDF CISA SBOM Site https://www.cisa.gov/sbom
Show Notes: https://securityweekly.com/bts-11
View all episodes
By Eclypsium
5
22 ratings
Supply Chain threats and industry / government initiatives like EO 14028 are driving a deeper understanding and a set of requirements for applying supply chain risk management (SCRM) and increased transparency (ex. SBOM) across the software ecosystem up and down the stack. Platform and system firmware present unique challenges for supply chain assurance from the depths of the stack.
Segment Resources:
ESF: Securing the Software Supply Chain for Customers https://media.defense.gov/2022/Nov/17/2003116444/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_CUSTOMER_SLICKSHEET.PDF
https://media.defense.gov/2022/Nov/17/2003116445/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_CUSTOMER.PDF
ESF: Securing the Software Supply Chain for Suppliers https://media.defense.gov/2022/Oct/31/2003105572/-1/-1/0/ESF_SECURING_THE_SOFTWARE_SUPPLY_CHAIN_SUPPLIERS_SLICKSHEET.PDF
https://media.defense.gov/2022/Oct/31/2003105368/-1/-1/0/SECURING_THE_SOFTWARE_SUPPLY_CHAIN_SUPPLIERS.PDF
ESF: Securing the Software Supply Chain for Developers https://media.defense.gov/2022/Sep/01/2003068942/-1/-1/0/ESF_
SECURING_THE_SOFTWARE_SUPPLY_CHAIN_DEVELOPERS.PDF CISA SBOM Site https://www.cisa.gov/sbom
Show Notes: https://securityweekly.com/bts-11
More shows like Below the Surface (Audio) - The Supply Chain Security Podcast
View all
The Joe Rogan Experience
228,818 Listeners
Security Now (Audio)
2,004 Listeners
Security Weekly Podcast Network (Audio)
209 Listeners
LINUX Unplugged
265 Listeners
Risky Business
374 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
637 Listeners
Destination Linux
89 Listeners
Smashing Security
322 Listeners
Darknet Diaries
8,014 Listeners
Three Buddy Problem
61 Listeners
The AI Daily Brief: Artificial Intelligence News and Analysis
586 Listeners
Untitled Linux Show (Audio)
1 Listeners