In IT, we are passionate about creating great applications that serves a purpose. The more value, the better.
But there is a little dirty truth: The world is not Disneyland. There are individuals, teams, countries that want to infiltrate your software supply chain. And they are smart, so smart to find the weakest link.
This talk is about concepts like Software Bill of Material (SBOM), attestations, keyless signing of artifacts, enterprise policies and how to seamlessly add them to your build and delivery pipeline. In order to let you great appications - securely.