Stories
June 10

Automating trust in the supply chain

Supply chain security needs to be integrated into CI/CD Pipelines. This session will cover practical and useful techniques that many enterprises can use.

In today's world, open-source software has become a crucial component of enterprise software development, with 90% of enterprises utilizing it and 96% of codebases containing open-source components (Gartner). However, this also presents a significant security risk, as a recent survey predicts that 45% of enterprises will experience software supply chain attacks by 2025.

At Northwestern Mutual, we understand the importance of securing the software supply chain and have implemented an approach that prioritizes efficiency, speed, and security in our software development process. Our goal is to modernize and incorporate a "trust but verify" mentality into our CI/CD pipeline.

Join us as we share our journey of implementing automation in supply chain security, including the lessons learned and the mysteries unraveled surrounding software dependency chains. We will also share practical techniques to help you avoid a potential supply chain breach, providing you with knowledge and tools to safeguard your enterprise's valuable assets.

Ravi Devineni
Sr. Director of Engineering, Northwestern Mutual
Bobbi Wenzler
Lead Technical Product Manager, Northwestern Mutual
Ravi Devineni

Register for PlatformCon 2025

Connect with fellow platform practitioners, learn from the best in the industry and engage directly with speakers on Slack.
Community
Join over 20k platform engineers from all over the world
Slack
Share best practices, discuss new trends and tooling with 20k+ platform practitioners
Speakers
Engage with 200+ speakers in dedicated channels or directly in DMs