Is a Secure Software Supply Chain Even Possible, Let Alone Feasible?

Posted on in Presentations

Many of the concepts discussed in software supply chain security come out of old fashioned material goods supply chains. "Chain" is a broken metaphor for security. The software supply "web" would be more appropriate. This session will present and debate alternative models developers should be using from other industries, which is a mix of standards, some testing, and some enforcement.

Steven Lipner


Executive Director, SAFECode

Tony Sager


Senior VP and Chief Evangelist, Center for Internet Security

DevSecOps & Application Security Protecting Data & the Supply Chain Ecosystem

application security supply chain



Share With Your Community