Supply chain attacks are some of the fastest growing threats in the enterprise space, and not only. It is assumed that 40% of enterprises will suffer a breach in the next couple of years.
The biggest part of your application is written by strangers: 90% of the code in your app is open source.

That is the main reason why Open Source weaponisation is the biggest threat when it comes to open source.

Three initiatives that are not enough promoted can help in this direction:
- Software Bill Of Material for each piece of software
- Reproducible builds as a means of validating that the source you use is exactly what you think it is
- SigCode - as a means of ensuring that the author of the code is validated

During the presentation we will present statistics regarding the context of cybersecurity and open source. And present the state of the initiatives and how they will help in the supply chain hardening.