Building Systems on Shaky Grounds - 10 Tactics to Manage the Modern Supply Chain

Explore a comprehensive conference talk that delves into 10 essential tactics for managing the modern software supply chain. Learn how to navigate the complexities of today's software engineering landscape, which heavily relies on open source and cloud ecosystems. Discover strategies to balance rapid development with security concerns as dependency trees expand and more vendors enter the picture. Gain insights into critical infrastructure considerations, red teaming exercises, vendor risk assessments, and threat modeling. Understand the importance of involving various teams, including marketing and sales, in the security process. Acquire practical knowledge on implementing software composition analysis tools, conducting code analysis, and establishing effective incident response protocols. This talk equips you with valuable techniques to enhance your organization's approach to supply chain management without sacrificing agility or introducing excessive friction.