This year, we are co-hosting SupplyChainSecurityCon in Los Angeles, California + Virtual with the Cloud Native Computing Foundation (CNCF). The event will take place on October 11, in co-location with KubeCon + CloudNativeCon North America.
We’re happy to announce that the program is ready!
This event is for security practitioners, open source developers and those interested in software supply chain security. We want to bring the community together to discuss supply chain threats, best practices, mitigation tactics including up-and-coming frameworks and specifications.
The main keynote will feature a first-hand account from SolarWinds on the Sunburst Hack
- Keynote: Project Trebuchet – How SolarWinds is Using Open Source to Secure Their Supply Chain in the Wake of the Sunburst Hack – Trevor Rosen, SolarWinds
Other schedule highlights include:
- The State of SBOMs – Allan Friedman from Cybersecurity and Infrastructure Security Agency, Nisha Kumar of VMware and Frederick Kautz of LF Public Health discuss the latest on the state of software bill of materials and the role they play in securing the software supply chain
- Supply Chain Security with the Jenkins Templating Engine – Steven Terrana of Booz Allen Hamilton will provide a comprehensive introduction to DevSecOps complete with practical application of the principles at scale using Jenkins.
- State of the Art Supply Chain Security – Trashan Kuppusamy of Datadog, Asra Ali of Google and Santiago Torres-Arias of Purdue explore the complementary roles that open source projects such as TUF, in-toto and SigStore play in securing the supply chain.
Join us at SupplyChainSecurityCon to hear from the experts, get a comprehensive understanding of the space and discover open source projects you can leverage to secure your software supply chain.
We look forward to seeing all you developers and leaders interested in securing the software supply chain. With the uptick in supply chain attacks, this is the one conference you should attend this year.