November 18, 2021
Diving deeper into securing supply chain
Supply chain attacks are real. There are several methods to attack a supply chain, from directly inserting malicious code as a new committer, to taking over a committer account without others noticing or compromising a signing key to distribute software that isn’t officially part of a component.
Join us in this session, and our experts will show you an overview of software supply chain attacks, real examples & learnings and how to consume open source securely. You will learn how to increase security measures with Dependabot and GitHub Advanced Security.
Speakers
-
Faten Healy
Senior Solutions Engineer, GitHub
-
Tim O’Neill
Consultant, Arinco