

Chain of Confidence: Ensuring Trustworthiness in Software Supply Chains

Thursday, November 16, 2023 11:15—11:35
Location: Sirius

Paul Fisher delves into the multifaceted approach required to foster trustworthiness within complex software supply chains. This discussion begins by delineating the critical components of software supply chains and the potential risks associated with each link—from development and deployment to maintenance and decommissioning.

Key to establishing a chain of confidence is the adoption of transparent processes and tools that provide verifiable evidence of security at each step. The audience will be introduced to Software Bill of Materials (SBOM), cryptographic signing, and continuous integration/continuous deployment (CI/CD) pipelines fortified with automated security checks.

The talk will also consider the human aspect, emphasizing the need for cultivating a culture of security awareness and collaboration among stakeholders. This includes not only developers and security professionals but also suppliers, distributors, and end-users.
Finally, the talk will provide actionable insights and strategies for organizations to audit, monitor, and continuously improve their software supply chains.

Paul Fisher
Lead Analyst
Paul Fisher is a Lead Analyst whose research focuses primarily on cybersecurity and identity and access management (IAM). He also studies trends in AI, IoT and data governance for different industry...