Recent years have seen a significant rise in supply chain attacks targeting third-party Python software used in larger projects. As developers are increasingly asked to attest to the integrity and provenance of their dependencies, new standards have emerged to secure Python software from development through building, packaging and distribution.
This talk follows the lifecycle of a secure Python project and introduces the latest tools and software supply chain best practices developers can use to secure their Python projects and make them more trustworthy for users, demystifying terms such as cryptographic signatures, Software Bills of Materials (SBOMs) and SLSA attestations along the way.
Maya is a Software Engineer on the Emerging Technologies Security team at Red Hat. She is passionate about Python, an open source enthusiast, and works on securing the Ansible content software supply chain.