Webinar: A Simplified Path To Trusted Open Source Artifacts
With the recent explosion in supply chain attacks, ensuring that the open source packages you build and/or pull into your repositories haven’t been compromised is becoming more and more difficult.
ActiveState’s Trusted Artifacts offering is designed to reduce your organizational risk. In this webinar, we show you why a curated catalog of trusted open source artifacts is key to securing your software supply chain, as well as how ActiveState can automate this for you using a secure build service that ensures the security and integrity of the packages you need.
Managing open source language artifacts in repositories like Artifactory can be like pushing a rock uphill. As soon as you stop, gravity wins. Done with less care, it hinders both innovation and security. We explore the challenges of sourcing secure open source language packages, and share best practices for maintaining and updating them over time that can dramatically decrease your risk and overhead.
This webinar recording covers:
- Current challenges of populating your repositories with secure versions of open source packages, and updating them on a regular basis.
- Introduction to verifiably reproducible builds – a security best practice that is a MUST to counter supply chain threats.
- How teams using repositories like JFrog Artifactory can benefit from these best practices with ActiveState’s Trusted Artifact Subscription.
- A demo of how the process works, from curated catalog to developer machines – all without needing to change the way your developers work.
In short, if open source security is critical to your team, this webinar is for you! Get on the simplified path to trusted artifacts.
Who it’s for: teams responsible for maintaining repositories, security professionals, and DevOps and DevSecOps professionals
Dana Crane, Product Marketing Manager at ActiveState
With 25+ years in the software industry, Dana has both crossed and fallen into the chasm as a Product Marketer and Product Manager. When not playing basketball or writing blogs, his time is split between making products easier to use and easier to understand.
Shaun Lowry, Language Engineering Team Lead at ActiveState
Shaun Lowry has been building other people’s code for over 25 years. He has been building it for everything from a 3-man startup to multi-billion-dollar enterprises and has seen it break in every conceivable way in a multitude of languages, frameworks and tools. He has worked on porting other people’s code across a variety of operating systems, developing security software, consulting on security, and writing about security, and now he’s bringing it all together at ActiveState, building a secure software supply chain for open source.