Foundations of DevSecOps - Avoiding Software Supply Chain Attacks

Securing your software supply chain is an increasingly complex problem with evolving attack methods and a mix of security point solutions. It’s easy to end up with blind spots and gaps across your supply chain. This training will focus on how JFrog Security can help with DevSecOps, how it integrates with the JFrog Platform to secure builds and artifacts, and how to create different policies for different stages of the CI/CD process. By the end of this training, you should be able to: - Understand the impact of these components on production system quality, performance, and architectural changes - How to use Xray’s integration with IDEs and CI Servers to reduce risk, speed up development, and ensure reliability in production - Identify container security, why it’s different, and how to streamline security and governance for cloud-native apps - Roll out security best practices throughout their organization