Supply Chain Security in Drupal and Composer - Understanding Threats and Solutions
Drupal Association via YouTube
Overview
Learn about software supply chain security in the PHP ecosystem through this comprehensive 46-minute talk featuring Nils Adermann, co-creator of Composer. Explore what supply chain security means for PHP projects, particularly focusing on Drupal sites and their vulnerabilities to supply chain attacks. Dive deep into Composer's role in the supply chain, including its interaction with packagist.org and Private Packagist. Discover the Drupal Association's pioneering Auto-Updates Initiative and their implementation of The Update Framework (TUF) protocols for package integrity verification. Examine the PHP-TUF Composer Integration Plugin and Rugged TUF Server, essential components designed to protect the Drupal community from evolving threats. Master best practices for securing Drupal sites against supply chain attacks while gaining insights into Composer's security features and behaviors. Prior knowledge of Composer package dependencies, basic deployment processes, web application security fundamentals, and Drupal deployment practices is recommended for maximum benefit.
Syllabus
Supply Chain Security in Drupal and Composer
Taught by
Drupal Association