Defending the software supply chain
Abstract
The software supply chain is under increasing attack. First, the sheer number of attacks has gone up by more than 600% every year since 2020. Second, there are whole new classes of attacks that didn't exist even two years ago. The reality is that defenders need help understanding how to protect against these new threats. This talk will highlight these new attacks, and give the audience ways to identify these attacks. Finally, I will talk about several open source projects that will help orgs build new processes and tools to defend their own software supply chains.

Speaker Bio: Paul is a DevSecOps evangelist and the founder of SecureStack, which helps software engineers and security teams collaborate better while building more secure applications. Paul has been helping organizations build more secure applications for almost 30 years. He's worked for NASA, Boeing, Blue Cross/Blue Shield, John Deere, the US military, and the Australian government amongst others. Paul is a frequent contributor to open-source projects. He is a passionate member of the Australian startup ecosystem and mentors for two accelerators in Oz. He's also a pretty sick snowboarder but most importantly a husband and father to 3 amazing kids who love to "hack the matrix" with their daddy.