Understanding Supply Chain Security: Bill of Materials and Provenance

4min Snip

00:00

Play full episode

Summary

Transcript

Episode notes

This chapter examines the significance of software bill of materials and provenance in enhancing supply chain security. It draws parallels between these concepts and food packaging, highlighting the need for rigorous security measures in developer platforms following real-world vulnerabilities.

Software supply chain attacks exploit interdependencies within software ecosystems. Security in the supply chain is a growing issue, and is particularly important for companies that rely on large numbers of open source dependencies.

Chainguard was founded in 2021 and offers tools and secure container images to improve the security of the software supply chain.

Matt Moore is the Founder and CTO of Chainguard. He started his career in compiler optimization at Microsoft and worked at Google before starting Chainguard. He joins the show with Gregor Vand to talk about container security.

Gregor Vand is a security-focused technologist, and is the founder and CTO of Mailpass. Previously, Gregor was a CTO across cybersecurity, cyber insurance and general software engineering companies. He has been based in Asia Pacific for almost a decade and can be found via his profile at vand.hk.