- Nordic Software Security Summit - https://nsss.se -

Empowering Organisations: Procuring a Secure Software Supply ChainĀ 

Anthony Harrison [1], APH10

Anthony Harrison

The supply chain for software-based products is large and increasingly complex. With growing regulation requiring enhanced transparency of the supply chain, what are the best practices to ensure that this can be achieved? 

The use of the software supply chain within a secure development lifecycle starts with the initial statement of requirements, through procurement, and development all the way through to deployment, support, and disposal. A key part of this is the procurement process and it is essential that the procurement process protects organisations and customers from the risks originating from within the software supply chain. 

This presentation identifies the key risks which exist within the software supply chain and proposes solutions to mitigate the risks to an acceptable level, including: 

anthony-harrison-Empower [2]

Open Source Security Foundation
[7]
[8]