CSSLP 2024: Secure Software Supply Chain

CSSLP 2024    |    Expert
  • 7 videos | 43m 30s
  • Includes Assessment
  • Earns a Badge
Rating 4.0 of 4 users (4)
Software supply chain security is more important than ever, particularly due to the rise in popularity of Python. Domain 8 of the CSSLP, the Secure Software Supply Chain, equips you to deal with security controls, externally sourced components, vendors, and software acquisition. First, you'll learn how to assess established frameworks such as Cybersecurity Supply Chain Risk Management (C-SCRM), OWASP Software Component Verification Standard (SCVS), and the Cloud Controls Matrix (CCM). Then, you'll move on to the concepts of pedigree, which documents ownership and transfer through the software supply chain. Next, you'll focus on software acquisition, conducting due diligence on vendors, and ensuring compliance with industry regulations. Then, you'll contrast the sale and licensing of software, comparing different types of licenses such as proprietary and open-source. Finally, you'll examine important contractual elements, including liability clauses, Master Agreements, and End User License Agreements (EULAs), enabling you to manage legal and contractual risks effectively. This course prepares learners for the Certified Secure Software Lifecycle Professional (CSSLP) exam.

WHAT YOU WILL LEARN

  • Discover the key concepts covered in this course
  • Utilize the C-SCRM framework, OWASP SCVS, and Cloud Controls Matrix to frame security assessments of the software supply chain
  • Identify pedigree as the detailed history and lineage and provenance as the documented ownership and transfer of software components in the software supply chain
  • Outline steps, security controls, and considerations for a sound software acquisition process
  • Contrast the sale and licensing of software and enumerate types of software licenses
  • Analyze important liability clauses and contextualize master agreements and end user licensing agreements
  • Summarize the key concepts covered in this course

IN THIS COURSE

  • 1m 55s
    In this video, you will discover the key concepts covered in this course.
  • 11m 26s
    Learn how to utilize the C-SCRM framework, OWASP SCVS, and Cloud Controls Matrix to frame security assessments of the software supply chain.
  • 3.  Pedigree and Provenance in the Software Supply Chain
    7m 4s
    Find out how to identify pedigree as the detailed history and lineage and provenance as the documented ownership and transfer of software components in the software supply chain.
  • 4.  Security During Software Acquisition
    7m 22s
    In this video, you will learn how to outline steps, security controls, and considerations for a sound software acquisition process.
  • 5.  Contractual Considerations and Types of Licenses
    9m 21s
    During this video, you will learn how to contrast the sale and licensing of software and enumerate types of software licenses.
  • 6.  Liability Clauses, Master Agreements and EULAs
    4m 28s
    Discover how to analyze important liability clauses and contextualize Master Agreements and End User Licensing Agreements.
  • 7.  Course Summary
    1m 54s
    In this video, we will summarize the key concepts covered in this course.

EARN A DIGITAL BADGE WHEN YOU COMPLETE THIS COURSE

Skillsoft is providing you the opportunity to earn a digital badge upon successful completion of some of our courses, which can be shared on any social network or business platform.

Digital badges are yours to keep, forever.
