September 13-16, 2022
Dublin, Ireland + Virtual
View More Details & Registration
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source Summit Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

This schedule is automatically displayed in Irish Standard Time (UTC +1). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

IMPORTANT NOTE: Timing of sessions and room locations are subject to change.

Back To Schedule
Friday, September 16 • 15:55 - 16:35
A Different Kind of S3: First Line Security of the Supply Chain - John Amaral, Slim.AI

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
This past year we learned the hard way that your software supply chain is only as secure as its weakest link - from Solarwinds, to CodeCov and Log4j. Your third-party and open source packages and imports are only one zero-day exploit away from compromising your entire production operation. In this talk we’ll focus on three core areas to securing the supply chain, through an easy mnemonic we call the three S’s - Software Bill of Materials (SBOM), Signing and Slimming. By first identifying your inventory and know what you need to secure, you can then verify your packages and build an immutable identity, and ultimately by slimming you minimize the attack surface. We’ll walk through the practical ways to apply these methods to your software supply chain as first line security controls.

avatar for John Amaral

John Amaral

CEO & Co-Founder, Slim.AI
John Amaral is the Founder and CEO of Slim.AI. John has more than 25 years of experience as a technologist and product development leader in information security and networking. Before Slim.AI, John was Head of Product at Cisco Cloud Security. John previously held product and engineering... Read More →

Friday September 16, 2022 15:55 - 16:35 IST
Wicklow Hall 2A (Level 2)
  ContainerCon, Security/Authentication