Important Notice: Due to the AWS outage, you may experience some technical issues while using our services today

ActiveState Academy is live 🚀 Free Container Security Certification – Start Now

On-Demand Webinar:

Containers Aren’t Secure by Default: Debunking the Illusion of Safety

Devops and slsa webinar - watch now

Despite the dramatic rise in software supply chain attacks, many organizations’ security controls still struggle to keep up with this pervasive threat. According to our recent survey, over 32% of organizations continue to implicitly trust open source language repositories.

The problem lies in the fact that development teams are under pressure to deliver new features, often at the expense of security practices. Teams that choose to vendor their open source dependencies are on the right track, but the practice of dependency vendoring often proves to be time-consuming, labor intensive, and unscalable.

Sound familiar? In this webinar for DevOps and security leaders, we discuss how to improve both security and development speed in your software supply chain. We’ll cover:

  • The state of software supply chain security
  • Pros and cons of dependency vendoring
  • SLSA, a cross-industry framework for building software securely, originally proposed by Google
  • How a secure build service can cost-effectively ensure the security and integrity of the open source dependencies your development teams require

Learn how to implement supply chain security best practices in the emerging SLSA standard without having to build it all from scratch.

Who Should Watch: DevOps, Software Development and Security leaders who need to deliver software to market faster while protecting their SDLC from end-to-end.

Presenters:

shaunl

Shaun Lowry, Language Engineering Team Lead at ActiveState

Shaun Lowry has been building other people's code for over 25 years. He has been building it for everything from a 3-man startup to multi-billion dollar enterprises and has seen it break in every conceivable way in a multitude of languages, frameworks and tools. He's worked porting other people's code across a variety of operating systems, developing security software, consulting on security, writing about security and now he's bringing it all together at ActiveState building a secure software supply chain for open source.

profile photo of Dana Crane

Dana Crane, Product Marketing Manager, ActiveState

With 25+ years in the software industry, Dana has both crossed and fallen into the chasm as a Product Marketer and Product Manager. When not playing basketball or writing blogs, his time is split between making products easier to use and easier to understand.

Additional Resources

Scroll to Top