Supply Chain Security with Containers and CI/CD Systems – Kirsten Newcomer – ASW #256
Supply chain has been a hot topic for a few years now, but so many things we need to do for a secure supply chain aren't new at all. We'll cover SBOMs, vuln management, and putting together a secure pipeline.
Segment resources:
- https://www.solarwinds.com/assets/solarwinds/swresources/whitepaper/2111swiwhitepaper_nextgenbuild.pdf
- https://next.redhat.com/project/tekton-chains/
- https://tekton.dev/
Guest
Kirsten works closely with Red Hat’s many security professionals across the Red Hat portfolio of enterprise-ready open source offerings. Kirsten is a diversified software management professional with 15+ years of experience in application development and infrastructure solutions. Prior to joining Red Hat, Kirsten provided strategic direction for Black Duck’s open source security and governance solutions. Her career has spanned successful roles at IBM Software Group, Rational Software and BMC Software. Kirsten was an early contributor to the Linux Foundation’s Software Package Data Exchange (SPDX) specification, which provides a set of standards for communicating the components, licenses, and copyrights associated with software. In her free time, Kirsten serves as Vice Chair of the Board of Trustees for Marlboro College in Marlboro, VT and enjoys hiking and dancing with her husband.