Understanding the concepts of Supply Chain Security, Container Images, SBOMs, and more

Episode No: 57

In this engaging episode of the ScaletoZero podcast, cybersecurity expert Htet Aung delves into the complexities of software supply chain security, emphasizing the importance of practices like the software bill of materials (SBOM) and container image signing. He also rates key security practices and recommends valuable resources for further exploration.

Learnings from the podcast

  1. A Software Bill of Materials (SBOM) is key for supply chain security. It helps organizations understand their dependencies and the vulnerabilities associated with those dependencies.
  2. To analyze SBOMs, use a Software Composition Analysis (SCA) tool and integrate it into the CI/CD process.
  3. Best practices for image signing include using a key management solution with capabilities such as rotation and secure root and private keys, and using a trusted registry with continuous monitoring on it, to name a few.

Learning resources recommended by Aung

  1. Microsoft Security Blogs

    Expert coverage on security matters such as zero trust, identity and access management, threat protection, information protection, and security management.

  2. Zero Trust Security Architecture

    Unveil Zero Trust Security! Our guide explains core principles, benefits, implementation steps, and its role in both cybersecurity and cloud security.
