Automate or Die: DevSecOps in the Age of Software Supply Chain Attacks

  • Date 06 Jun 2019

Automate or Die: DevSecOps in the Age of Software Supply Chain Attacks

06 Jun 2019, 14:40 - 15:05

Tech Talks

As nimble organisations deliver new innovations, adversaries are also upping their game, something we’ve seen in recent high profile and devastating cyberattacks. Adversaries have the intent and ability to exploit security vulnerabilities in the software supply chain - and in some cases plant vulnerabilities themselves. They have increased scale through automation and improved breach success through precision targeting. If we don’t fight back by doing the same - automating security directly in the DevOps pipeline, then we’ll always be at the hackers’ mercy. This session will provide new research on the above, and how to get started.

Learning Outcomes:

  1. Real-world examples of how large and small companies are implementing DevSecOps practices in their own delivery pipelines, and increasing developer awareness to risks 
  2. Key insights from the 2019 DevSecOps community report - including the top investments for automated security
  3. A walkthrough of how security principles have been automated into a CICD pipeline and what standards for implementation are beginning to follow suite 
  4. Why DevSecOps is more than a buzzword, and why it’s vital to protecting your software supply chain 
  5. How automating security of policies makes it harder to ignore



  • Ilkka Turunen


    Global Director, Pre Sales Engineering


    Ilkka Turunen is a Solutions Architect working at Sonatype in Europe and Asia. His background is in software and systems engineering, acting as an...

Business Issues covered

  1. What will this session help you to do?
    • Demonstrate thought-leadership to ensure security is high for corporate agenda & capex justified‎
    • Mitigate the effects of new vulnerabilities and exploits‎


We use cookies to operate this website and to improve its usability. Full details of what cookies are, why we use them and how you can manage them can be found by reading our Privacy & Cookies page. Please note that by using this site you are consenting to the use of cookies.