Secure Software Ecosystems: Best Practices and Regulatory Insights
TEQnation is the software development conference designed for teamleads, architects and project management. But most of all it’s organized for developers by developers. The Developer Conference of Tomorrow: TEQnation 2024 brings the best of the best speakers, various exhibitors, live demonstrations and numerous networking opportunities.
About the talk:
Every day, we encounter another critical vulnerability such as Log4J, Spring4Shell, or the XZ Backdoor, prompting us to wonder if we could be the next target. During this session, we will explore the process of establishing a secure software development ecosystem to mitigate these security risks. Ali, leveraging years of experience as a Security Engineer, and Soroosh, offering his expertise in software development, will discuss strategies for attaining this objective. Key takeaways from this session include:
- Understanding DevSecOps and its role in securing our applications.
- Best practices for building a secure software ecosystem.
- A brief overview of Supply Chain Attacks and their significance.
- The importance of the Software Bill of Materials and the best available solutions in the market.
- Principles and techniques for securing cloud-native applications from development to deployment.
- Exploring EU regulations regarding supply chain attacks and their impact on software security practices.
If you like to have a look at the talk, check out the slides and recordings below.