T.E.N. Tech Talk

Please complete this form to begin viewing: "T.E.N. Tech Talks: Verifying Identity and Securing Code in the Wake of Software Supply Chain Attacks"

Original broadcast: September 9, 2021
Duration: 45 minutes

Sponsored by:

Moderator:

Marci McCarthy
CEO and President of T.E.N.
CEO and Chairman of ISE® Talent
Biography

Husnain Bajwa
Senior Manager, Global Sales Engineering
Beyond Identity

Joey Johnson
CISO
Premise Health
ISE® Southeast Executive of the Year Award Winner 2017
ISE® North America Executive: Health Care Award Finalist 2017
Biography

Given the spate of software supply chain attacks, organizations need to do more to secure their code repository and control what code commits make it into their production branch. The notorious SolarWinds attack has helped highlight some of the broader and pervasive software supply chain vulnerabilities that impact most organizations today. Complex, shared code bases combined with organization productivity targets have gradually eroded trust and trustworthiness of our software development lifecycle. It’s crucial to verify the identity of the software developer committing code changes and prevent unauthorized users from injecting malicious code. To do so proactively or automatically, a Zero Trust philosophy can be applied to code signing to ensure code has not been compromised, among other techniques. Join our conversation where we will learn how code provenance and identity have become fundamental requirements; explore ways to track and record code changes; and implement code signing at the organizational level, without causing friction for developers.

* Required fields