Software Transparency: Supply Chain Security in an Era of a Software-Driven Society - Paperback

by Chris Hughes (Author), Tony Turner (Author), Allan Friedman (Foreword by)

Discover the new cybersecurity landscape of the interconnected software supply chain

In Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, a team of veteran information security professionals delivers an expert treatment of software supply chain security. In the book, you'll explore real-world examples and guidance on how to defend your own organization against internal and external attacks. It includes coverage of topics including the history of the software transparency movement, software bills of materials, and high assurance attestations.

The authors examine the background of attack vectors that are becoming increasingly vulnerable, like mobile and social networks, retail and banking systems, and infrastructure and defense systems. You'll also discover:

• Use cases and practical guidance for both software consumers and suppliers
• Discussions of firmware and embedded software, as well as cloud and connected APIs
• Strategies for understanding federal and defense software supply chain initiatives related to security

An essential resource for cybersecurity and application security professionals, Software Transparency will also be of extraordinary benefit to industrial control system, cloud, and mobile security professionals.

Back Jacket

Explore the cybersecurity implications of the interconnected software supply chain

In Software Transparency: Supply Chain Security in an Era of a Software-Driven Society, a team of dedicated information security executives and professionals delivers an incisive and essential new treatment of software supply chain security. In the book, you'll find real-world examples of how to defend your own organization against attack. It includes coverage of topics ranging from the history of the software transparency movement to software bills of materials and high assurance attestations in a rapidly evolving software landscape.

The authors explain the background of attack vectors that are becoming increasingly vulnerable, including mobile and social networks, banking and retail systems, and even the critical infrastructure and defense systems upon which we all rely. You'll discover how you can defend against threats to these networks and explore use cases and practical guidance for both software consumers and the suppliers who support them.

A can't-miss resource for cybersecurity and application security professionals, Software Transparency will also earn a central place on the bookshelves of professionals working in industrial control system security, cloud security, mobile security, DevOps, and DevSecOps. The book offers extensive coverage of:

• Firmware and embedded software
• Cloud and connected APIs
• Industrial control systems
• Internet of Things-connected devices
• Federal and defense software supply chain initiatives
• Software for mobile devices