Your software supply chain should already be on your risk register. This session will provide a holistic view of software supply chain risk, using real life examples to bring the threats to life.

Having established the landscape, endjin will then demonstrate how they are adapting existing DevOps processes to produce Software Bill of Materials (SBOMs) in order to protect their portfolio of 50+ open source projects from this emerging threat.

In doing so, they will highlight the standards (OpenChain), frameworks (SLSA) and tools that can be used to fast track creation of a foundation for license compliance, monitoring of supply chain vulnerabilities, and establishing security procedures as required by Article 32 of GDPR.