Modernizing the Management of Your Software Supply Chain - Tom Gibson - ASW #169

Published: Oct. 11, 2021, 9 p.m.


SBOM: what it really tells you, and why it is important for your organization to have one.

- Finding and fixing known vulnerabilities in dependencies and container images

- Building a source of truth for packages to avoid malicious packages getting through

- Combining continuous packaging and security into a CI/CD pipeline

- Establishing Trust & Provenance in your Software Supply Chain

- Visibility in your Software Supply Chain with upstreams and signatures


This segment is sponsored by Cloudsmith. Visit to learn more about them!


