Securing the software supply chain for the public sector
AW1.120 | Day 1 | 17:30 - 17:55 | Speakers: Sebastian Kawelke, Frederic Noppe
Abstract
Attacks on the software supply chain are becoming increasingly common. Attackers are trying to access critical systems via the software supply chain. Such attacks can have serious consequences, particularly in the public sector. In our talk, we will demonstrate how DevGuard, as an open-source vulnerability management project, helps ZenDiS by finding and closing vulnerabilities before the release of the software and by delivering a toolchain for the hardening of base images. DevGuard itself is an OWASP Incubator Project which is available via the openCode-DevGuard instance or as 100% open-source software on GitHub for community use.
Speakers
Frédéric Noppe is passionate about secure software at L3montree Cybersecurity – with a clear preference for open source. His focus is on ensuring that secure software development not only meets all compliance requirements, but also makes the work of developers and security managers noticeably easier and does not represent an unnecessary burden. With his expertise, he combines technical precision with a pragmatic approach to balance security and efficiency.
