Technology
SBOM: What does it really tell you and the importance of having one for your organization. - Finding and fixing known vulnerabilities in dependencies and container images - Building a source of truth for packages to avoid malicious packages getting through - Combining continuous packaging and security into a CI/CD pipeline - Establishing Trust & Provenance in your Software Supply Chain - Visibility in your Software Supply Chain with upstreams and signatures This segment is sponsored by Cloudsmith. Visit https://securityweekly.com/cloudsmith to learn more about them! Visit https://www.securityweekly.com/asw for all the latest episodes! Show Notes: https://securityweekly.com/asw169