SupplyChainSecurityCon

Cybersecurity incidents are among the greatest threats facing organizations today. This event, held in partnership with OpenSSF and CNCF, gathers security practitioners, open source developers, and others interested in software supply chain security to; explore the security threats affecting the software supply chain, share best practices and mitigation tactics and Increase knowledge about how to best secure open source software.

This event is part of Open Source Summit Japan. To attend, register for Open Source Summit Japan. You’ll also get access to all the other events in the Open Source Summit collection.

Submit a proposal to speak! Submissions are being accepted through July 7.

Click above to submit a proposal to speak at SupplyChainSecurityCon, or one of the other Open Source Summit Japan conferences.

SupplyChainSecurityCon topics include:

• Measuring Risk of Potential & Already-included OSS
• Countering Source Code Level Problems
  • Reducing the Likelihood of Vulnerabilities (e.g., eliminating entire classes)
  • Countering Subverted Source Code Control Systems
• Countering Build Threats
  • Simplifying Verified Reproducible Builds
  • Ensuring Safe Transition from Source Code Control to Build System
  • Countering Compromised Build System
  • Countering Bypassed CI/CD
  • Countering Subverted Package Repository
  • Countering use of Bad Package
• Countering Dependency Threats
  • Countering use of a Bad Dependency (e.g., Typosquatting and Dependency Confusion)
  • Detecting malicious reused software
• Ensuring users Know, with Confidence, what Software Components (at all tiers) are Included.