We caught up with Brett Smith, Software Architect at SAS. In his session, Supply Chain Robots, Electric Sheep, and SLSA Brett discusses creating automation, shifting left, attack vectors, attestation, verification, zero trust, and how the SLSA specification helps implement solutions for each. Most importantly, security must apply throughout a pipeline. The talk will lead to a larger discussion about the challenges of securing the supply chain, supporting EO 14028 and ISO27001, and improving the security posture of your pipelines.

Threat intelligence can provide a rich insight into threat actor activity but often lacks the timelines and context that comes from the learning of real-life incident investigations. Security leaders need to know how to leverage this frontline intelligence to not only understand if they are likely to be in a similar situation but also to know how they could take immediate action on their defenses.

Overview The Mend Jira Security Dashboard is a new option included in the Jira Cloud plugin that provides a centralized view of security issues and risks across all Jira projects, making it easier for you and your teams to prioritize and address security concerns. Use cases for the Jira Security Dashboard The Mend Jira Security Dashboard addresses the following scenarios: As an AppSec Manager, it is imperative to have real-time visibility into the overall security health of your development teams' applications within your issue-tracking tool, Jira.

Mend Supply Chain Defender helps protect enterprises against software supply chain attacks. It detects and blocks malicious open source packages before your developer can download them — and before they can pollute your codebase with malicious activity. Mend Supply Chain Defender has already detected and reported thousands of malicious packages that were swiftly removed from their registries, to protect open source users from accidentally installing malicious code.

Customer Speakers: Woolworths | Pablo Reyes, AppSec Lead Shopback | Dipin Thomas, Engineering Manager Coinhako | Metarsit Leenayongwut, Engineering Manager Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Join us for an illuminating episode of DevSec Insights as we welcome our special guest, Tim Armstrong, Senior Developer Advocate from CloudQuery. 🚀 In this exclusive Ask Me Anything (AMA) session, we dive deep into the world of DevRel, DevSecOps as we discuss valuable insights that bridge the gap between development and security.

Join Stephanie Chaplin as she unravels the diverse avenues of cybersecurity. From breaking barriers on the red team to safeguarding on the blue, find where you fit. Developers, even if not in security, can benefit. Transitioning from finance? Policy roles await. Discover your cybersecurity niche today!

Join Kovrr and Dmitriy Sokolovskiy, former CISO at Avid, as he shares his experience and provides highlights and Insights on his CRQ Journey. Some of the topics that Dmitriy will discuss.

Join Ryan Kovar, Shannon Davis, and Audra Streetman for a special edition of Coffee Talk, live from Black Hat in Las Vegas! The team of Splunk security experts will recap some of the latest security news, including: Ryan and Audra also competed in a charity challenge about the risk of being hacked while at a hacking conference.