Foundations of Software Supply Chain Security

Learn about key concepts in supply chain security including vulnerabilities, SBOMs, scanning, code signing, and provenance.

Cancel Apply

rate limit

Code not recognized.

About this course

Software Supply Chain Security is an increasingly hot topic, and for good reasons. Software supply chain attacks are on the rise, leaking confidential data, enabling ransomware, and putting the critical infrastructure of high-stakes organizations such as healthcare, transportation, finance, government, and energy at risk. Juniper Research estimates that these attacks will cost the global economy more than $80 billion in lost revenue by 2026. Unfortunately, they may also threaten our safety and stability, and at the very least, make the lives of developers everywhere miserable. 

Fortunately, there are a number of tools and methods that are invaluable to enhancing software supply chain security. However, to understand the logic behind these tools and methods, it’s useful to develop a solid foundation in the principles that underpin them. In this course, you will learn about key software supply chain security concepts, such as vulnerability scanning, digital signing, Software Bills of Materials (SBOMs), and provenance to help provide contextual information around security practices. 

Course Details

  • Developers; Software Professionals

  • 1-2h

  • 7 Lessons

 

Curriculum

  • What Is Software Supply Chain Security?
  • Understanding Vulnerabilities (CVEs) And Their Scoring System
  • Understanding SBOMs: How To Know What's In Your Software
  • What Is Vulnerability Scanning?
  • False Negatives and Positives
  • What Is Code Signing?
  • What Is Provenance?
  • Test Your Knowledge!

About this course

Software Supply Chain Security is an increasingly hot topic, and for good reasons. Software supply chain attacks are on the rise, leaking confidential data, enabling ransomware, and putting the critical infrastructure of high-stakes organizations such as healthcare, transportation, finance, government, and energy at risk. Juniper Research estimates that these attacks will cost the global economy more than $80 billion in lost revenue by 2026. Unfortunately, they may also threaten our safety and stability, and at the very least, make the lives of developers everywhere miserable. 

Fortunately, there are a number of tools and methods that are invaluable to enhancing software supply chain security. However, to understand the logic behind these tools and methods, it’s useful to develop a solid foundation in the principles that underpin them. In this course, you will learn about key software supply chain security concepts, such as vulnerability scanning, digital signing, Software Bills of Materials (SBOMs), and provenance to help provide contextual information around security practices. 

Course Details

  • Developers; Software Professionals

  • 1-2h

  • 7 Lessons

 

Curriculum

  • What Is Software Supply Chain Security?
  • Understanding Vulnerabilities (CVEs) And Their Scoring System
  • Understanding SBOMs: How To Know What's In Your Software
  • What Is Vulnerability Scanning?
  • False Negatives and Positives
  • What Is Code Signing?
  • What Is Provenance?
  • Test Your Knowledge!
Course

Learn the tools and fundamentals of vulnerability management and why it's critical that every developer understand it.