As governments fight back against software supply chain threats, software providers are facing increased pressure to either comply with new rules or lose significant revenue. One example is the new U.S. attestation form, which requires vendors to self-attest by Sept 11, 2024 that they follow secure development practices in order to do business with federal agencies. Is your organization prepared?
Unfortunately, many are not. While the U.S. has endorsed guidelines in the form of the Secure Software Development Framework (SSDF), organizations struggle with the perceived overhead of implementing best practices and prioritizing security over code delivery.
In this webinar, we’ll discuss how you can bridge the gap between theory and practice so that you can achieve government mandates while ensuring your open source supply chain is secure for all customers without burdening your development team.
Key Takeaways:
- Government mandates for secure software development practices
- How to secure open source in your software supply chain
- Adopting SSDF practices more easily with automation
- How to meet attestation requirements (Software Bill of Materials, Provenance Attestations, isolated environments, etc.)
- Reducing Mean Time to Remediation (MTTR) with increased open source observability
Watch and gain actionable advice for achieving secure software development practices!
Presenters
Nicole Schwartz, Senior Security Product Manager, ActiveState
Nicole Schwartz speaks about Information Security, DevSecOps, Agile, and DEI. She is currently a Senior Security Product Manager at ActiveState, Chief Operating Officer for The Diana Initiative, an organizer for BSides Edmonton, and an organizer for the SkyTalks. She holds a Master of Science in Information Technology from Clarkson University and can be found at @CircuitSwan.
Dana Crane, Product Marketing Manager, ActiveState
With 25+ years in the software industry, Dana has both crossed and fallen into the chasm as a Product Marketer and Product Manager. When not playing basketball or writing blogs, his time is split between making products easier to use and easier to understand.