Knowing what vulnerabilities can impact your builds
Tracking your product's contents tells you what is in each release. Equally important, tracking those contents against the vulnerabilities that exist gives you a carved-in-stone list of what to watch from a bug list and security vulnerability perspective. These lists are not persistent: dependencies change with updates, and some packages become deprecated. Tracking ends when your product ends. Security concerns never end. Hackers and bad actors never sleep. Invest in good software and better processes. Always, always, always know the ingredients for your recipe.
In earlier chapters, we reviewed in detail how to create a software manifest of what was in a specific build or release of your product. We’ve also reviewed hardware implications such as firmware and drivers. This knowledge gives you a virtual checklist of all the things you’ll need to check for bugs and security issues along with the fixes...