Software Supply Chain Risks and Solutions

Presented by

王永雷, Senior Security Architect, Synopsys SIG

About this talk

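Securing the software supply chain starts with understanding the open source components in your code and identifying their respective licenses, potential vulnerabilities, known vulnerabilities, and malicious code.

It is widely accepted that implementing a software bill of materials (SBOM) is an effective measure for reducing attacks on the software supply chain. According to Gartner research, by 2026 at least 60% of organizations procuring critical software solutions will require disclosure of a software bill of materials (SBOM) in their license and support agreements, up sharply from less than 5% in 2022.

This webinar will discuss the following topics:

1. The current state of the software supply chain
2. How to build a secure software supply chain?
   2-1 Software composition analysis (SCA) tools are the foundation
   2-2 Software bill of materials (SBOM) management
   2-3 Malicious package detection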

Black Duck® offers the most comprehensive, powerful, and trusted portfolio of application security solutions in the industry. We have an unmatched track record of helping organizations around the world secure their software quickly, integrate security efficiently in their development environments, and safely innovate with new technologies. As the recognized leaders, experts, and innovators in software security, Black Duck has everything you need to build trust in your software. As of October 1, 2024 the Synopsys Software Integrity Group is now Black Duck®