Securing Your Supply Chain with an Open Source Ecosystem

Explore the critical aspects of securing the software supply chain in this comprehensive 41-minute conference talk by Mike LeBeau from TestifySec. Gain insights into current trends and regulatory requirements while examining vulnerabilities and threats at each stage of the supply chain, including creation, building, deployment, and runtime. Discover a wide array of open-source tools available for enhancing security, such as Syft, Grype, Open Policy Agent, and Sigstore. Learn how to leverage automation and DevSecOps best practices to reduce your attack surface and deliver secure software effectively.