Building Secure Software
Supply Chain Risk and Software Acquisition
Course Learning Objectives
- Understand the complexity and issues surrounding supply chain security.
- Describe the industry standards that are used in securing the supply chain.
- Take the steps necessary for assessing a supplier’s security practices.
- Describe a process for ensuring the software from a supplier is securely delivered and deployed.
- Gain the confidence to certify supplier-delivered software.
The goal of this Supply Chain Risk and Software Acquisition domain is to give the learner the knowledge needed to ensure that software developed in a supply chain is secure. The learner will learn some of the industry standards and practices that must be applied to provide a high level of assurance that the supply chain is secure, both upstream and downstream. In addition to the practices discussed in previous modules, the learner will understand how to assess supplier practices, installation and deployment, and monitoring considerations for suppliers, how to identify risks, and how contractual obligations are used for suppliers.
Certified Secure Software Lifecycle Professional (CSSLP)
Tailored learning - 80 minutes total
CSP108 - Supply Chain Risk and Software Acquisition