Thoughtworks Technology Podcast

Securing the software supply chain

Aug 12, 2021
This episode delves into the complexities of securing the software supply chain, covering trust, managing provenance, and understanding vulnerabilities. It highlights the SolarWinds hack and stresses verifying dependencies, governance, and integrating security practices early in development. It also underlines the importance of cybersecurity in sectors like healthcare and government, and the evolving approach to security influenced by legal considerations like GDPR. The conversation stresses the need for liability, education, behavior change, and feedback to enhance security practices.
39:43

Podcast summary created with Snipd AI

Quick takeaways

  • Securing the software supply chain requires understanding security risks in tools and processes, not just code.
  • Managing dependencies and verifying artifacts are key steps in enhancing software supply chain security.

Deep dives

Understanding Software Supply Chain and Securing It

Securing the software supply chain means ensuring trust and provenance from coding to production, covering build tools and processes as well as the code itself. Breaches like the SolarWinds incident highlight vulnerabilities across the entire supply chain. Verification of artifacts, limiting dependencies, and establishing trust early in the process are crucial steps in securing the software supply chain.
