Despite the dramatic rise in software supply chain attacks, many organizations’ security controls still struggle to keep up with this pervasive threat. According to our recent survey, over 32% of organizations continue to implicitly trust open source language repositories.
The problem lies in the fact that development teams are under pressure to deliver new features, often at the expense of security practices. Teams that choose to vendor their open source dependencies are on the right track, but the practice of dependency vendoring often proves to be time-consuming, labor intensive, and unscalable.
Sound familiar? In this webinar for DevOps and security leaders, you’ll learn how to improve both security and development speed in your software supply chain. We’ll cover:
- The state of software supply chain security
- Pros and cons of dependency vendoring
- Google SLSA, a cross-industry framework for building software securely
- How a secure build service can cost-effectively ensure the security and integrity of the open source dependencies your development teams require
Learn how to implement the supply chain security best practices in the emerging SLSA standard without having to build it all from scratch.
Presented by ActiveState Experts:
Loreli Cadapan, VP of Product
Shane Warden, Director of Engineering
