Join Mike and Dan McKinney from Cloudsmith in discussing SBOM for applications, along with cloud-native tooling for software supply chains. Delve into provenance history, GPG Keys, commit signing, package consumption, threat modeling, and roles in asset security.

Dan McKinney

<p>In this segment, Mike and Dan McKinney from Cloudsmith will be discussing SBOM and what that looks like for your applications. Other topics include: cloud-native tooling for your software supply chain, the history of provenance, GPG Keys &amp; signing commits, package consumption, understanding threat modeling, and knowing the roles and responsibilities when it comes to security of your assets. </p>


A Standardized Approach to SBOM

Topic

During this pre-KubeCon webinar, we will tackle the big questions that should be at the center of conversation at this year's event.

Glenn Weinstein

Paddy Carey

Principal Engineer

2025 is almost upon us.

During this pre-KubeCon online event, we will tackle the big questions that should be at the center of conversation at this year's event.

If over 90% of software deployed is open-source; what’s the difference between software security and software supply chain management? How can platform teams protect their organizations from attacks? How can you grasp control without impeding developer velocity?

It's time for engineering leaders to make their IDP tooling bets.

KubeCon is the opportunity to answer these big questions and share ideas.

Don’t miss this opportunity to learn from the leading minds in the software supply chain management about the most pressing questions in the industry today ahead of the only event that matters.

 Policy Management - The Key to Unlocking a Secure Software Supply Chain

Software supply chain

Join us as we explore the EU's Cyber Resilience Act, its potential impact on the OSS Community, and proactive measures you can take to prepare your team for its implementation. 

Nick Peacock

Senior Director, Customer Success

The European Parliament (EP) adopted a provisional version of the final text of the EU Cyber Resilience Act (CRA) on March 12, 2024, with the final version expected to be signed and published in October.

The EU's CyberResilienceAct (CRA) proposes stringent cybersecurity requirements for digital products, aiming to bolster security against cyberattacks. While it promises safer hardware and software, it also raises questions for Open Source contributors and organizations. Will they be liable for vulnerabilities in their code? Could this legislation stifle innovation or foster it?

Join us in exploring these questions to understand how the CRA underscores the imperative for open source organizations to advocate for their interests in policymaking.


EU's Cyber Resilience Act Repercussions in Open Source

Open Source

Securely Consuming Open Source

Security

In the final session of our summer series, we will explore why prioritizing artifact management is essential in advancing self-service IDPs and how the adoption of Cloudsmith offers solutions to the most common challenges in platform engineering teams.

Rob Godfrey

Senior Technical Architect

Alison Sickelka

VP of Product

Antoine Tielbeke

DevOps Engineer

As DevOps evolves into platform engineering, the focus shifts to creating Internal Developer Platforms (IDPs) that offer self-service capabilities to developers, reducing cognitive load and streamlining development processes. Platform engineers are tasked with creating a multi-tenant SaaS approach in order to have centralized standardization, control, and governance.

In this session we will explore why prioritizing artifact management is essential in advancing to self-service IDPs and how adoption of Cloudsmith offers solutions to common challenges such as high infrastructure costs, managing security vulnerabilities, and maintaining productivity. Attendees will gain insights into best practices of implementing an artifact repository at the center of their CI/CD pipeline.


How Cloud-Native Artifact Management Can Facilitate the Move to Platform Engineering

DevOps

Platform Engineering

Software Supply Chain

Best practices

The second session of our three-part summer series will help you assess and enhance your DevOps team's capabilities in preparation for transitioning to platform engineering using Omdia’s DevOps Maturity Checklist as our guide. 


Dave Bresci

Senior Manager, Site Reliability Engineering

Richard Vodden

Vice President of Technology

This webinar will help attendees assess and enhance their DevOps capabilities in preparation for transitioning to platform engineering using Omdia’s DevOps Maturity Checklist. We will cover key components like tools, culture, processes, and governance, and provide a structured self-assessment approach to identify team strengths and areas for improvement.  PagerDuty and Humanising Autonomy will join us to discuss their ongoing transformation and the challenges they’ve faced so far.


A Roadmap to Evaluating Your Organization’s DevOps Maturity

Discover how reimagining DevOps as platform engineering can create a more cohesive and streamlined approach to IT operations and development for your team in the first session of our three-part summer series.

Luca Galante

 VP, Product & Growth

Alan Carson

Co-founder and Chief Strategy Officer

As organizations continue to navigate the complexities of modern IT environments, the evolution from “DevOps” to “platform engineering” has emerged as a crucial next step in maximizing operational efficiency. By reimagining DevOps as platform engineering, organizations can create a more cohesive and streamlined approach to IT operations and development, breaking down the silos that often impede progress. In this webinar, the Cloudsmith team will explore Omdia’s latest Market Disruptors Report and discuss which critical success factors you need to consider before making the transition to platform engineering.



A Standardized Approach to SBOM

Things you’ll learn

Speakers

Summary

Comments

Policy Management - The Key to Unlocking a Secure Software Supply Chain

EU's Cyber Resilience Act Repercussions in Open Source

How Cloud-Native Artifact Management Can Facilitate the Move to Platform Engineering

A Roadmap to Evaluating Your Organization’s DevOps Maturity

From DevOps to Platform Engineering: The Next Evolution