9:00 AM PDT / 12:00 PM EDT / 5:00 PM GMT

Welcome 

Alan Carson, Co-Founder & CEO, Cloudsmith 

​

​

​

​

9:05 AM PDT / 12:05 PM EDT / 5:05 PM GMT

Real-World Strategies for Securing the Software Supply Chain: Moving Beyond Buzzwords

 

While "secure software supply chain" can feel like a buzzword, the past 18 months have shown companies, open-source communities, and vendors making significant progress toward making it a reality. In this panel discussion, real-world practitioners will share their insights and experiences in securing the software supply chain. The panelists will cover a range of topics, from best practices in vulnerability management, risk assessment of open-source dependencies, and generating authenticated provenance, to the challenges of integrating security into the DevOps workflow. They will provide actionable strategies for improving security while maintaining development speed, and share real-world examples of how their organizations have successfully secured their software supply chains.

​

Featuring: 

Kim Lewandowski, Co-Founder and Chief Product Officer, Chainguard

Peter Wagner, Staff Infrastructure Security Developer, Shopify

Jerome Hardaway, Founder & Executive Director, VetsWhoCode

Moderated by Alison Sickelka, VP of Product, Cloudsmith

​

​

​

 

 

9:55 AM PDT / 12:55 PM EDT / 5:55 PM GMT

Introduction to SBOMs - What is it and do I need one?

 

Software Bill of Materials (SBOM) are new and exciting, but what do they actually do and do you REALLY need one? If you read any security news lately, it seems like everyone is talking about how an SBOM can solve whatever problem they have, and they are years into their SBOM journey. But many of us don’t even know what they are.

 

The reality is nobody actually has SBOMs figured out, or even know what to do with them. SBOMs are still very new and come with as many benefits as challenges. In this session we will look at what an SBOM is. Did you know there are different data formats and even different types of SBOMs? We will cover what we can do with them, and some of the coming tools and ideas around SBOMs. The future is already here – it’s just not very evenly distributed.

​

Featuring: 

Josh Bressers, VP of Security, Anchore

​

​

 

 

​

10:25 AM PDT / 1:25 PM EDT / 6:25 PM GMT - Break

​

 

 

 

10:45 AM PT / 1:45 PM ET / 6:45 PM GMT

Overcoming Complexity and Cost

 

“Overcoming Complexity and Cost” will delve into the challenges faced by software developers in managing complexity and reducing costs during the software development lifecycle. We will bring together industry experts to explore strategies, best practices, and emerging technologies that can empower developers to tackle these complex problems.

​

 

 

Featuring: 

Mel Kaulfuss, Staff Developer Advocate, Buildkite

Shanea Leven, Founder & CEO, CodeSee

Tamara Miner, Principal Strategy Consultant, Pragma

Moderated by Dan McKinney, Technical Account Manager, Cloudsmith

​

 

​

​

11:45 AM PDT / 2:45 PM EDT / 7:45 PM GMT

Software Delivery Patterns for Platform Teams

 

Platform engineering has become one of the most important engineering disciplines of the last few years, providing a standardized, unified experience for development teams so that they ship their work at maximum efficiency, while ensuring your organisation can stay secure and compliant. At the same time, CI/CD pipelines remain integral to every SDLC and internal development platform, helping us bridge the gaps from idea to production, so mastering them is highly beneficial.

In this session we will look at several advanced CI/CD pipeline patterns with a special focus on software delivery  that teams can add to their toolkit to get the most out of their CI/CD tools. Some of the patterns covered might include: orchestrating deploy and release pipelines across projects, going beyond dev/stage/prod and spinning up ephemeral infrastructure for testing, centralised infrastructure and credential provisioning, and more. 

​

Featuring: 

Zan Markan, Senior Developer Advocate, CircleCi

​

​

 

​

12:10 PM PDT / 3:10 PDT ET / 8:10 PM GMT
Bytes and Brews: A Transparently Signature Fireside Chat with Luke Hinds

​

Join us for this fireside chat session featuring Luke Hinds, previously Distinguished Engineer at Red Hat, Founder of Sigstore, Community Appointed Board Member of Open Source Security Foundation (OpenSSF) and now CTO (and Co-Founder) at Stacklok. Luke believes that just like a well-steeped cup of tea, software supply chain security should be strong, robust, and never leave a bitter aftertaste. Lee SKillen, CTO (and Co-Founder) at Cloudsmith, will chat with Luke about how he got to where he is, what’s brewing next, and why we can learn a lot in software from the supply of tea itself.

Featuring: 

Luke Hinds, Co-Founder & CTO, Stacklok

Lee Skillen, Co-Founder & CTO, Cloudsmith

​

​

 

​

1:05 PM PDT / 4:05 PM EDT/ 9:05 PM GMT
Closing

Alan Carson, Co-Founder & CEO, Cloudsmith 

​

​

​

​

1:05 PM PDT / 4:05 PM EDT/ 9:05 PM GMT
Explore the virtual world of Unpacked!
The virtual expo and networking will remain open until 6:00 pm PDT / 9:00 PM EDT.
The more you explore, the higher you'll climb on our leaderboard for your chance to win some awesome prizes.