Have you been keeping up with the latest news about software supply chain attacks? Wondering how you can comply with Executive Order 14028 or the latest NIST guidance on software attestations? In this talk we’ll dive deep into what it takes to build a secure software supply chain. You’ll learn about the Supply-chain Levels for Software Artifacts, build provenance, software attestations, with a demo of a secure pipeline. Attendees will walk away with the knowledge needed to secure their CI/CD pipelines and achieve SLSA build level 3.
I help enterprises become successful by adopting DevOps practices. In my spare time I'm an organizer for DevOpsDays Austin, ServerlessDays Austin, DevOpsDays Texas, the Austin AWS Users Meetup, and the Cloud Austin Meetup. When I'm not working or organizing you can catch me hiking around Austin and checking out our many local breweries.