Building Trust in Open Source is all about locking down your software supply chain without drowning in jargon. Recorded at NDC Copenhagen, Yash Pimple cuts through the noise around SLSA, SBOM and Sigstore, walks you through real-world threats like dependency confusion and insecure deployments, and shows how open-source tools can help you detect, prevent and respond to supply-chain attacks.
By the end of this session you’ll have a clear grasp of key frameworks, hands-on strategies for cloud-native delivery, and the confidence to stitch together defense-in-depth pipelines that deliver rock-solid, verifiable software.