Speaker: Priya Wadhwa
Software Engineer @Chainguard
Priya Wadhwa is a software engineer at Chainguard, where she works on a variety of open source projects with the goal of improving software supply chain security. She is a member of the Sigstore Technical Steering Committee and a maintainer of the Tekton Chains project. She's passionate about making security easy and available for everyone.
Language Platforms and Software Supply Chain
As computing evolved, targeting specific hardware and architectures became impractical, leading to the development of language platforms and runtimes such as Java’s JVM and Microsoft’s CLR. Today, we write code for various environments, including IoT devices, Kubernetes sidecars, service meshes and the kernel. As a result, modern language platforms need to be portable, lightweight, and secure. This session delves into the latest developments in language platforms, enabling developers to write code using a growing range of languages across an expanding array of platforms.
From a security perspective, the supply chain we use to build and deploy our software has become just as important as the platform it runs on. We’ve recently witnessed numerous high-profile attacks targeting the supply chain, resulting in much greater attention on this challenge. This particular branch of security is interesting because there are many components in a typical software supply chain, which means security solutions and risk mitigations require a multifaceted approach. In this session we’ll dive into secure software supply chain architectures, learn about tools that can help mitigate common risks, and explore the current landscape of available solutions.