Software is everywhere and modern software consists of 80% of open source components. The automation of software delivery has amplified security risks. Software supply chain security incidents have been growing tremendously which has changed the cybersecurity priorities. The notorious SUNBURST attack was the catalyst for the industry to start bringing security into DevOps culture and focus on securing CI/CD pipelines.
In this session, we’ll cover the importance of DevSecOps in securing the software supply chain and improving the security posture of an organization. You’ll gain insight into what can go wrong when DevSecOps is not adopted by reviewing real-world attacks like the NPM supply chain attack, the SolarWinds/SUNBURST attack, and more.
Developers and DevOps professionals will learn key techniques to embrace a culture of DevSecOps and best practices on how to shift left from shift right.