Building Trust in Open Source: A Practical Guide
Yash Pimple’s NDC Copenhagen talk cuts through the hype around software supply chain security to show you what really matters—think SLSA, SBOM and Sigstore—and how they all fit together in a rock-solid pipeline. You’ll see real-world gotchas (from dependency confusion to sloppy deployments) and learn how to spot, stop and bounce back from attacks using open-source tools.
By the end of this session, you’ll walk away with hands-on strategies to beef up your CI/CD, a solid grasp of cloud-native threats, and the confidence to roll out defense-in-depth practices so your org can ship trusted, verified software every time.