Hacking the OSS Supply Chain / Project Revealed
Developers depend upon an ecosystem of open-source technologies that fuel innovation and decrease time to market. A typical business application is composed of >80% open-source code, so what happens when the open-source software supply chain gets hacked and thousands of enterprises are left exposed to potentially devastating security exploits? The SolarWinds hack is just the tip of the iceberg of a much larger security concern that spans the industry, affecting all programming languages, platforms, and cloud services. In this session, we will expose security holes and exploits in the open-source ecosystem as well as propose a system for securing the software supply chain at a fundamental level.
Senior Director of Developer Relations
Stephen Chin is Senior Director of Developer Relations at JFrog, author of Raspberry Pi with Java, The Definitive Guide to Modern Client Development, and Pro JavaFX Platform. He has keynoted numerous Java conferences around the world including Oracle Code One (formerly JavaOne), where he is an 8-time Rock Star Award recipient. Stephen is an avid motorcyclist who has done evangelism tours in Europe, Japan, and Brazil, interviewing hackers in their natural habitat and posting the videos on http://nighthacking.org/. When he is not traveling, he enjoys teaching kids how to do embedded and robot programming together with his teenage daughter.