Should you be worried about your software supply chain?
Your software supply chain should already be on your risk register as an emerging vulnerability. In this session, learn how endjin is tackling this problem by implementing OpenChain (ISO 5230) across its 50+ open-source projects.
By adapting existing DevOps processes to produce Software Bills of Materials (SBOMs), they have created a foundation for governing licensing compliance, monitoring supply chain vulnerabilities, and establishing the security procedures required by Article 32 of GDPR.
You can read more of our blog posts about Software Supply Chain security in our OpenChain topic.