Software Supply Chain Security with Policy as Code

Track: Security

Abstract
How do you ensure that your Java software supply chain is secure? How do you reliably repeat and automate governance and compliance of your Java applications?

Policy as Code (PaC) enables organizations to apply automated controls across multiple policy enforcement points and artifact types. This talk will explore how open-source PaC tooling can be used to validate software supply chain artifacts, focusing on Java ecosystem artifacts.

This talk will cover PaC concepts and how to use PaC to detect and prevent unwanted behaviors. The PaC concepts presented in this talk apply at the developer desktop as well as in continuous integration automation, thereby improving governance and compliance of the Java software supply chain.

Jimmy Ray
Jimmy has been writing and speaking for over 20 years, and for the past several years he has focused on providing security, compliance, and governance solutions with PaC in the areas of cloud computing, containerization, and software supply chain. Jimmy is recognized as a subject matter expert in PaC and container supply chain security.