Talk
Intermediate

Securing your software from (OSS) supply chain attacks

Rejected

Session Description

Attackers are increasingly using indirect methods to exploit software, compromising both direct and indirect open-source dependencies. This can lead to dangerous attacks and breaches in software security. This session delves into the fundamentals of supply chain attacks and how organizations can leverage open-source software to defend against supply chain attacks and zero-day exploits.


Topics Covered:

  • Understanding the Software Supply Chain
  • Supply Chain Attacks from Open Source Dependencies
  • Leveraging SBOMs (Software Bill of Materials)
  • Artifact Attestation and Verification
  • Complying with SLSA (Supply Chain Levels for Software Artifacts)
  • Applying policies on SBOM and SLSA provenance


Key Takeaways

None

References

Session Categories

FOSS

Speakers

Teja Kummarikuntla
Developer Relations Engineer, Harness

Reviews

Approvability: 0 %
Approvals: 0
Rejections: 1
Not Sure: 0

While bringing awareness about supply chain attacks is beneficial, I think we have received a lot of talks on this topic already.
Reviewer #1
Rejected