DSO 205 –Securing the COTS Supply Chain
COURSE OVERVIEW
The usage of Commercial-off-the-shelf software (COTS) by organizations while advantageous comes with its own set of challenges and complexities. Unfortunately, it is rare for acquisition approaches to account for complex software supply chains; this course provides learners with an understanding of how to apply DevSecOps best practices to reduce software supply chain risks
After completing this course you will be to:
- Employ acquisition strategies, contract tools, and procurement methods for the purchase of the software, COTS from suppliers
- Conduct a supplier review prior to entering into a contractual agreement to acquire the COTS
- Conduct an assessment of the COTS prior to selection, acceptance, or update
- Employ security safeguards to validate that the COTS received is genuine and has not been altered
- Establish and retains the unique identication of supply chain elements, processes, and actors for the COTS
- Establish a process to address weaknesses or deciencies in supply chain elements identied during independent or organizational assessments of such elements
COURSE DETAILS
Course Number: DSO 205
Course Duration: 15 minutes
Course CPE Credits: 25
Related Subject Matter
CWE
NICE
NIST
Penetration Testing
Foreign Languages Available:
English
COURSE OVERVIEW
The usage of Commercial-off-the-shelf software (COTS) by organizations while advantageous comes with its own set of challenges and complexities. Unfortunately, it is rare for acquisition approaches to account for complex software supply chains; this course provides learners with an understanding of how to apply DevSecOps best practices to reduce software supply chain risks
After completing this course you will be to:
- Employ acquisition strategies, contract tools, and procurement methods for the purchase of the software, COTS from suppliers
- Conduct a supplier review prior to entering into a contractual agreement to acquire the COTS
- Conduct an assessment of the COTS prior to selection, acceptance, or update
- Employ security safeguards to validate that the COTS received is genuine and has not been altered
- Establish and retains the unique identication of supply chain elements, processes, and actors for the COTS
- Establish a process to address weaknesses or deciencies in supply chain elements identied during independent or organizational assessments of such elements
COURSE DETAILS
Course Number: DSO 205
Course Duration: 15 minutes
Course CPE Credits: 25
Related Subject Matter
CWE
NICE
NIST
Penetration Testing
Foreign Languages Available:
English
