Despite the dramatic rise in software supply chain attacks, many organizations’ security controls still struggle to keep up with this pervasive threat. According to our recent survey, over 32% of organizations continue to implicitly trust open source language repositories.
The problem lies in the fact that development teams are under pressure to deliver new features, often at the expense of security practices. Teams that choose to vendor their open source dependencies are on the right track, but the practice of dependency vendoring often proves to be time-consuming, labor intensive, and unscalable.
Sound familiar? In this webinar for DevOps and security leaders, you’ll learn how to improve both security and development speed in your software supply chain. We’ll cover:
- The state of software supply chain security
- Pros and cons of dependency vendoring
- Google SLSA, a cross-industry framework for building software securely
- How a secure build service can cost-effectively ensure the security and integrity of the open source dependencies your development teams require
Learn how to implement the supply chain security best practices in the emerging SLSA standard without having to build it all from scratch.
Presented by ActiveState Experts
Loreli Cadapan - Vice President, ActiveState
Loreli has 20+ years of experience in the enterprise software industry, successfully having worked at enterprise and startups, focused in DevOps and DevSecOps. She has held different roles from coding, architecture, development management, to product management. Loreli currently leads the Product team at ActiveState, building products to power the world’s software development teams and accelerate their application security solutions.
Shane Warden, Director of Engineering, ActiveState
Shane Warden enjoys helping organizations develop strong, humane, effective processes. His areas of expertise include agile software development, language design, and virtual machines for dynamic languages. He is also a published novelist. His books include The Art of Agile Development and Masterminds of Programming.
