Free eBook

Securing the Software Supply Chain

Know what's in your software supply chain in order to secure it.

Modern software relies on a collection of original code, libraries, open source tools, plugins, packages, and platforms.

In Securing the Software Supply Chain, you'll learn how to secure those dependencies to the same rigorous standards as the rest of your systems.

Co-authored by DevSecOps experts from Kusari and Google, this book provides comprehensive and foundational learning for managing your software development life cycle (SDLC).

What you'll learn

  • Software Supply Chain Fundamentals — Build a working mental model of the modern supply chain and the surface area you actually need to defend.
  • Under Attack: Identifying Threats — Recognize the attack patterns that target build systems, dependencies, and developer environments before they reach production.
  • Architecting Supply Chain Security — Apply controls and practices that scale across teams without slowing delivery.