#66 - Working On The Supply Chain Gang

On this episode of CISO Tradecraft, you can learn about supply chain vulnerabilities and the 6 important steps you can take to mitigate this attack within your organization:

1. Centralize your software code repository
2. Centralize your artifact repository
3. Scan open source software for malware
4. Scan software for vulnerabilities and vendor support
5. Run a Web Application Firewall (WAF)
6. Run a Runtime Application Self Protection (RASP)

References:

https://owasp.org/www-project-threat-and-safeguard-matrix/

https://slsa.dev/

Infographic: