Migrate, Modernize and Build Java Web Apps on Azure: This live workshop will cover methods to enhance Java application development workflow.
Modern Digital Website Security: Prepare to face any form of malicious web activity and enable your sites to optimally serve your customers.
Kubernetes in the Enterprise: The latest expert insights on scaling, serverless, Kubernetes-powered AI, cluster security, FinOps, and more.
You’ve started to shift security left in order to catch security issues earlier in development, but are you using trusted, verified open source software components when writing your code? Are you signing your code commits and image builds so deployment tooling and processes can verify authenticity with auditable components?
In this session, we discuss steps to trust – but verify – the same open source software packages you have come to rely on. You will see how to stay ahead of regulatory and compliance standards and leave this talk with a deeper understanding of how to access a curated content repository library with provenance and attestations that are maintained to SLSA standards and more!
Identify source code transitive dependencies and vulnerabilities for both in-house and COTS applications from a local IDE
Digitally sign code commits as well as images, to store attestations of the build pipeline that can then be shared, reused.
Verify code commits for keyless git signing, with an immutable ledger to validate the artifact metadata
Manage, monitor and analyze relationships with your security metadata (SBOMs, VEXs)
Chief Technologist, DZone
Dir. Product Management, Red Hat
TO and Co-Founder, Sonatype
Join Now for More Content & Events
For event and sponsorship inquiries, please email: firstname.lastname@example.org