Stories
June 10

Automating trust in the supply chain

Supply chain security needs to be integrated into CI/CD Pipelines. This session will cover practical and useful techniques that many enterprises can use.

In today's world, open-source software has become a crucial component of enterprise software development, with 90% of enterprises utilizing it and 96% of codebases containing open-source components (Gartner). However, this also presents a significant security risk, as a recent survey predicts that 45% of enterprises will experience software supply chain attacks by 2025.

At Northwestern Mutual, we understand the importance of securing the software supply chain and have implemented an approach that prioritizes efficiency, speed, and security in our software development process. Our goal is to modernize and incorporate a "trust but verify" mentality into our CI/CD pipeline.

Join us as we share our journey of implementing automation in supply chain security, including the lessons learned and the mysteries unraveled surrounding software dependency chains. We will also share practical techniques to help you avoid a potential supply chain breach, providing you with knowledge and tools to safeguard your enterprise's valuable assets.

Ravi Devineni
Sr. Director of Engineering, Northwestern Mutual
Bobbi Wenzler
Lead Technical Product Manager, Northwestern Mutual
Ravi Devineni

Related talks

Stories
June 10
Real talk: platform engineering with Kelsey Hightower and Kaspar von Grünberg
In this fireside chat, Kelsey Hightower and Kaspar von Grünberg dive deep into the core of platform engineering, they discuss how we got here, the challenges and lessons, and where we might be going.
Kaspar von Grünberg
CEO, Humanitec
Kelsey Hightower
Distinguished Engineer
& Developer Advocate
sponsored
Stories
June 12
Industrializing next-generation digital platforms with platform engineering: The Eurocontrol
This talk discusses how Eurocontrol is modernizing air traffic control with a digital shift to a cloud-native ecosystem, focusing on platform engineering for robust, scalable operations.
David Morales
Technical Product Manager, Paradigma Digital
sponsored
Stories
June 13
Herding APIs with GraphQL: Streamlining at scale
Explore how GraphQL can unify a diverse API landscape, improving usability and developer productivity in large organizations.
Andrei Bocan
Principal Engineer, Atlassian
sponsored
Stories
June 12
Platform engineering at Dynatrace: What we’ve learned so far
Learn how a discussion led Dynatrace to investigate the usage of Backstage in almost every department, from 1000+ developers in R&D to post-sales teams.
Adam Gardner
CNCF Ambassador
sponsored

Register for PlatformCon 2025

Connect with fellow platform practitioners, learn from the best in the industry and engage directly with speakers on Slack.
Community
Join over 20k platform engineers from all over the world
Slack
Share best practices, discuss new trends and tooling with 20k+ platform practitioners
Speakers
Engage with 200+ speakers in dedicated channels or directly in DMs