Software & Data Integrity Failures Explained: OWASP Top 10 2025 #8 Risk (Supply Chain Security)
⚠️ Software & Data Integrity Failures: OWASP Top 10 2025 #8 Web Security Risk
Software and Data Integrity Failures is the #8 risk in the OWASP Top 10 2025, covering supply chain attacks, insecure CI/CD pipelines, and unsigned code execution. In this video, we explore **Software & Data Integrity Failures** – including the SolarWinds breach, malicious dependencies, and how to secure your software supply chain.
⏱️ TIMESTAMPS
0:00 – Intro: Why Software & Data Integrity is critical in OWASP 2025
0:40 – What are Software & Data Integrity Failures?
1:20 – Supply chain attacks: SolarWinds and npm malicious packages
2:05 – Insecure CI/CD pipelines and compromised build systems
2:50 – Auto-update mechanisms without signature verification
3:35 – Insecure deserialization and object injection attacks
4:20 – Missing integrity checks for dependencies and libraries
5:05 – Real-world breaches: SolarWinds, Codecov, and npm attacks
5:50 – The evolution from A08 (2021) to A08 (2025)
6:35 – 5-step supply chain security framework
🧠 What you'll learn
- Why Software & Data Integrity Failures is the #8 OWASP 2025 risk
- How supply chain attacks like SolarWinds compromise software
- Common integrity failure vectors and attack scenarios
- A practical 5-step framework to secure your supply chain
🛡️ 5-Step Supply Chain Security Framework
1️⃣ Implement digital signatures for all software components and updates.
2️⃣ Use dependency scanning tools (Snyk, Dependabot, OWASP Dependency-Check).
3️⃣ Secure your CI/CD pipeline with access controls and audit logging.
4️⃣ Verify integrity of third-party libraries with checksums and SBOMs.
5️⃣ Implement runtime application self-protection (RASP) and monitoring.
⚙️ Who this is for
- DevSecOps engineers and CI/CD specialists
- Software architects and supply chain managers
- Security engineers and AppSec professionals
- Open source maintainers and package developers
✅ Related OWASP & Security Videos
- OWASP Top 10 2025 Explained in 6 Minutes
- Software Supply Chain Security: OWASP #3 Risk
- Dependency Scanning and SBOM Best Practices
- CI/CD Pipeline Security Hardening
💬 Question for you
Have you ever encountered a malicious dependency or supply chain attack? How did you detect and respond to it? Share your experience!
If this video helped you understand supply chain security, hit 👍, subscribe, and share it with your DevOps team!
Video "Software & Data Integrity Failures Explained: OWASP Top 10 2025 #8 Risk (Supply Chain Security)" from the channel CyberLearn Visual
Video information
February 8, 2026, 11:00:17
00:06:57