Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Enhancing Software Supply Chain Security: Approaches to Software Composition Analysis

Eclipse Foundation via YouTube

Overview

Google, IBM & Meta Certificates – 40% Off
One plan covers every Professional Certificate on Coursera.
Unlock All Certificates
Learn about Software Composition Analysis (SCA) tools and approaches for securing the Java software supply chain in this 24-minute conference talk. Explore the critical importance of managing third-party package dependencies in Java projects, particularly in light of major security incidents like SolarWinds and Log4Shell. Compare two distinct approaches to vulnerability detection: the code-centric method used by Eclipse Steady and the metadata-based approach of OWASP Dependency-Check. Examine real-world applications of both tools across various Java projects, understanding their respective strengths and limitations. Discover how a proposed hybrid approach could combine the best aspects of both methods to enhance vulnerability detection precision and efficiency. Gain practical insights into implementing these free, open-source tools in your own projects, with only basic software development knowledge required.

Syllabus

Enhancing Software Supply Chain Security: Approaches to Software Composition Analysis - OCX 2024

Taught by

Eclipse Foundation

Reviews

Start your review of Enhancing Software Supply Chain Security: Approaches to Software Composition Analysis

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.