From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep

Identifying and selecting components

- [Presenter] As organizations continue to adopt more and more third-party services, it becomes that much more important to have a process in place for assessing supply chain risk. The first step in this process is to identify and select the components that may introduce risk to your software supply chain. Risk identification starts with an understanding of the scope of your risk assessment. While other domains of the CSSLP focus primarily on software that you've developed internally, your assessment of the software supply chain will require that you turn your attention outward. Just like the production and distribution of a physical good often involves a number of individual organizations, the production and distribution of software also involves multiple participants. For starters, who is providing either code or services for your application? Many, if not most, applications today include open-source software components. A study by Black Duck, an organization that specializes in…
