Loading…
In-person + Virtual
16 -20 May
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2022 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Central European Summer Time (UTC +2). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change.
Back To Schedule
Thursday, May 19 • 09:15 - 09:30
Keynote: Securing Shopify's Software Supply Chain - Shane Lawrence, Staff Infrastructure Security Engineer, Shopify

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.


Recent compromises of Codecov and Solar Winds have put a spotlight on software supply chain attacks, but this focus has led to new innovations for solving an old problem. In this talk, we'll discuss lessons that Shopify has learned in protecting millions of businesses and demonstrate these techniques using open source software. We'll look at how traditional defensive techniques can be applied in the cloud, how voucher and grafeas implementations can give you control over the software that runs in your clusters, and how the SLSA framework can guide you toward establishing trust in your software. We'll also look at how Falco can be used to detect malicious behaviour or indicators that your supply chain has been compromised. Attendees can expect to learn how to apply specific techniques for mitigating supply chain attacks.

Click here to view captioning/translation in the MeetingPlay platform!

Speakers
avatar for Shane Lawrence

Shane Lawrence

Staff Infrastructure Security Engineer, Shopify
Shane is a Staff Infrastructure Security Engineer at Shopify, where he's working on a multi-tenant platform that allows developers to securely build scalable apps and services for crafters, entrepreneurs, and businesses of all sizes.


Thursday May 19, 2022 09:15 - 09:30 CEST
Pavilion 1 | Level 3 | Central Forum