INTERFACE Boise
September 21st, 2022

  Presented by Sonatype

As nimble organizations deliver new innovations, adversaries are also upping their game, something we’ve seen in recent high-profile and devastating cyber-attacks. Bad actors have the intent and ability to exploit security vulnerabilities in the software supply chain - and in some cases plant vulnerabilities themselves. They have increased scale through automation and improved breach success through precision targeting. If we don’t fight back by doing the same - automating security directly in the DevOps pipeline - then we’ll always be at the hackers’ mercy. This session will provide new research on the above and details on how to get started.

Key takeaways:

  • Real-world examples of how large and small companies are implementing DevSecOps practices in their own delivery pipelines and increasing developer awareness of risks
  • A walkthrough of how security principles have been automated into a CI/CD pipeline and what standards for implementation are beginning to follow suit
  • Why DevSecOps is more than a buzzword and why it’s vital to protecting your software supply chain
  • How automating the security of policies makes it harder to ignore