From the course: ISC2 Certified Secure Software Lifecycle Professional (CSSLP) (2023) Cert Prep


Secure software supply chain

- [Instructor] The eighth and final domain of the CSSLP is secure software supply chain. This domain focuses on how you can extend your software security expectations to your third-party suppliers. Secure software supply chain accounts for 10% of the CSSLP exam. The primary focus of this domain is on implementing software supply chain risk management processes. You'll learn how to do this by studying how you can identify and select components for your risk assessment activity, as well as how you can assess the risks associated with those components. You'll also learn about maintaining a list of third-party components, often referred to as an SBOM. More on that later. And you'll learn about monitoring these components for vulnerabilities and changes. You'll learn techniques for analyzing the security of third-party software, which will lead to a discussion on verifying the pedigree and provenance of that software. While pedigree and provenance are related concepts, you'll dig deeper…
