Your developer supply chain is constantly under attack, from the download of vulnerable components, to the licensing and governance of those components, all the way through monitoring their use in the production environment. In this workshop/lecture, Maury Cupitt will look at each phase of the development lifecycle and show how to protect each of those phases using the Nexus Platform.
The labs covered in this workshop are available at the following links:
- Overview - Software Supply Chains
- Lab 1 - Nexus Repository Manager
- Lab 2 - Attack #1 - Dependency Confusion
- Lab 3 - Attack #2 - Removal of Upstream Source
- Lab 4 - Attack #3 - Known Vulnerabilities