Skip to Main Content
Lightning Talk Intermediate

Software Supply Chain Security - Benchmarking India

Approved
Session Description

Software Supply Chain Security has been a key point in cybersecurity spheres over the last 5 years, as supply chainn security attacks increased in scope and impact. FOSS is a big part of these discussions and the regulations that have sprung up as a result.

This talk does a comparative analysis on software supply chain security regulations across India and the world, and makes an attempt at benchmarking where India stands. Some of these regulations will result in downstream impact on open-source maintainers, and the talk discusses what that entails for us.

Key Takeaways

  • What is software supply chain security, and why does it matter?

  • A quick intro to Software Bill of Materials

  • Various regulations around Software Supply Chain Security, and what is the impetus behind them?

  • Where does India stand in all of this, both in terms of regulations, and industry readiness.

  • Impact on open-source maintainers.

References

https://none.invalid

Session Categories

Technology / FOSS licenses, policy
Which track are you applying for?
Geopolitics and Policy in FOSS Devroom

Speakers

Nemo
FOSS United GB FOSS United
https://tatooine.club/@nemo
Nemo

Nemo built endoflife.date. and was a founding engineer at Razorpay, where he helped scale and secure their payments stack. He's currently a full-time open-source developer focusing on securing the world’s supply chain, with a focus on SBOM/EOL and CI infrastructure/tooling. He is currently on the FOSS United Governing Board.

Reviews

Very generic . The proposal is not well thought.

Reviewer #1 Approved