The Future of Software Supply Chain Security


The recent executive order requiring SBOMs (Software Bills of Materials) from those supplying software to the federal government has been instrumental in advancing the conversation around software supply chain security. By themselves, SBOMs are basically just a list of ingredients, so requiring them is really a minimum requirement. SBOMs are just the tip of the iceberg, and quite possibly not even the most interesting or promising part.

Please join Cisco Distinguished Engineer Ed Warnicke and me on May 17th for a live webinar during which we will discuss:

  • Software supply chain mistakes of the mid-2000s that are being replicated in a cloud-native world.
  • The difficulty of establishing a single source of truth for a software supply chain.
  • The (bright!) future for software supply chain security, including promising advances from projects such as In-Toto and OmniBOR.

Ed and I will be joined in the discussion by people on the front lines of building solutions to secure the software supply chain:

  • Aeva Black, OmniBOR Project – Microsoft
  • Brandon Lum, Guac
  • Frederick Kautz, In-Toto
  • Dan Lorenc, Wolfi

Here’s a link for you to register to attend our webinar.

Hope to see you there… hear your thoughts… and answer your questions.

 

