Need help with Python 2.7 Extended Lifecycle Support? Stage 0 – Complete Anarchy
| Ebook Page | Print Page | Title | URL |
|---|---|---|---|
| 2 | 5 | How to Avoid Becoming the Next SolarWinds | https://www.activestate.com/blog/how-to-avoid-becoming-the-next-solarwinds/ |
| 2 | 5 | Threat Landscape for Supply Chain Attacks | https://www.enisa.europa.eu/publications/threat-landscape-for-supply-chain-attacks |
| 3 | 4 | 8th Annual State of the Software Supply Chain | https://www.sonatype.com/state-of-the-software-supply-chain/introduction |
| 4 | 7 | Kaseya VSA ransomware attack | https://en.wikipedia.org/wiki/Kaseya_VSA_ransomware_attack |
| 5 | 9 | CircleCI incident report for January 4, 2023 security incident | https://circleci.com/blog/jan-4-2023-incident-report/ |
| 8 | 12 | Survey Report: State of Software Supply Chain Security | https://www.activestate.com/resources/datasheets/software-supply-chain-security-survey-report/ |
Stage 1 – Observable Chaos
| Ebook Page | Print Page | Title | URL |
|---|---|---|---|
| 15 | 24 | Securing the Software Supply Chain – Recommended Practices For Developers | https://www.cisa.gov/sites/default/files/publications/ESF_SECURING_THE_ SOFTWARE_SUPPLY_CHAIN_DEVELOPERS.PDF |
| 20 | 31 | Annual Report on the State of Application Security Read the Report | https://www.veracode.com/state-of-software-security-report |
| 20 | 31 | How to remediate your open source vulnerabilities quicker | https://www.activestate.com/blog/how-to-remediate-your-open-source-vulnerabilities-quicker/ |
| 22 | 35 | Microsoft’s SPDX sbom-tool | https://github.com/microsoft/sbom-tool |
| 22 | 35 | CycloneD | https://docs.gitlab.com/ee/user/application_security/dependency_scanning/ #cyclonedx-software-bill-of-materials |
| 22 | 35 | Anchore SBOM Action | https://github.com/marketplace/actions/anchore-sbom-action |
| 22 | 35 | Data Sheet: Improve Open Source Security With a Bill Of Materials | https://www.activestate.com/resources/datasheets/improve-open-source-security- with-a-bill-of-materials/ |
Stage 2 – Automated Security
Stage 3 – Verifiable Security
| Ebook Page | Print Page | Title | URL |
|---|---|---|---|
| 34 | 57 | C-Suite Security Survey | https://www.cloudbees.com/c/cloudbees-global-security-survey |
| 35 | 59 | How to Avoid Software Supply Chain Fines | https://www.activestate.com/blog/how-to-avoid-software-supply-chain-fines/ |
| 35 | 59 | SBOMS & Attestations: US Government Deadlines for Implementation | https://www.activestate.com/blog/sboms-attestations-us-government-deadlines-for-implementation/ |
| 40 | 67 | CycloneDX Extension: Vulnerability | https://cyclonedx.org/ext/vulnerability/ |
| 40 | 67 | The Software Package Data Exchange® (SPDX®) | https://spdx.dev/ |
| 41 | 69 | Survey Report: State of Software Supply Chain Security | https://www.activestate.com/resources/datasheets/software-supply-chain-security-survey-report/ |
Stage 4 – Anti Entropy
| Ebook Page | Print Page | Title | URL |
|---|---|---|---|
| 45 | 76 | The 2023 Tidelift state of the open source maintainer report | https://www.tidelift.com/open-source-maintainer-survey-2023 |
| 48 | 81 | JUNIPER RESEARCH STUDY REVEALS STAGGERING COST OF VULNERABLE SOFTWARE SUPPLY CHAINS | https://www.juniperresearch.com/press/press-releases/study-reveals-staggering-cost-of-software-supply |
| 50 | 83 | Risk Explorer for Software Supply Chains | https://sap.github.io/risk-explorer-for-software-supply-chains/ |
| 50 | 83 | Software supply chain threats | https://cloud.google.com/software-supply-chain-security/docs/attack-vectors |
| 51 | 85 | How to Prevent Dependency Confusion | https://www.activestate.com/blog/how-to-prevent-dependency-confusion/ |
| 51 | 85 | MalwareArchivist | https://github.com/ActiveState/MalwareArchivist |
| 51 | 85 | Chaos Monkey | https://netflix.github.io/chaosmonkey/ |
Dana Crane – Product Marketing Manager, ActiveState
With 25+ years in the software industry, Dana has had his share of both crossing and falling into the chasm. He’s currently the Product Marketing Manager at ActiveState Software. You can find more of his work at danacrane.medium.com and danacrane.substack.com.
Scott Robertson – CTO, ActiveState
Passionate about creating products that solve real problems, Scott drives ActiveState’s technology vision based on his experience of over 20 years knees deep in code. Over that time, he’s authored a book, founded 3 startups and sold one of them. As ActiveState’s CTO, he understands the pains faced in pushing software into production and the challenges big business has to stay fast and relevant. He helps companies do both.
Learn how to use key Python libraries to automate common DevOps uses cases. Provides a prebuilt Python environment and sample code.
Read More
AI-generated text is proliferating. This Python tutorial lets you create a simple script to help detect AI-generated text.
Read More
What is Cloudera and Cloudera Machine Learning? Cloudera specializes in data management by offering a comprehensive platform for big data…
Read More