Modern Software Delivery: Supply Chain Security Critical




Modern Software Delivery: Supply Chain Security Critical

23 October 2019


Added 21-Jan-2020

### Agenda ###

1800: Doors Open + Food/Drinks
1830: Talk given by Chris Wysopal (@WeldPond)
1930: Social - consume more food/drink
2100: The End

Software is no longer delivered on a CD-ROM with occasional updates. Software delivery has become a continuous process for SaaS, mobile and desktop apps with technology suppliers woven in. Open source, service provider APIs, and of course cloud are all woven in and changing continuously. What value is a point in time assessment to understand the risk accepted by the enterprise or software users? Software assessments must become continuous and process based. There is also a need to balance the transparency desired by software users with the needs of vendors to be effective in software delivery and maintenance. We need continuous assessment with the right level of transparency to keep up with