September 30 - October 1, 2024 | New York, New York
Note: The schedule is subject to change.

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for Open Source in Finance Forum New York 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Tuesday October 1, 2024 3:05pm - 3:35pm EDT
Ensuring software releases adhere to expected processes is crucial for both open-source projects and enterprise software. The in-toto project offers a solution by creating attestations for each step, providing verifiable evidence of compliance. This presentation will showcase the capabilities of in-toto to leverage this evidence and create layouts, demonstrating how to create flexible policies for any software development lifecycle (SDLC) process, from source code commit to production release. We will explore how to formulate policies that verify attestations for code reviews, SBOM integrity, testing, vulnerability scans, build provenance (such as SLSA), and more. Join us to learn how to ensure your software development process is compliant and secure.
Speakers

Cole Kennedy

CEO, TestifySec Inc.
Cole Kennedy is the founder and CEO of TestifySec. TestifySec serves clients in high compliance and high assurance environments. His technical passion is simplifying and securing complex systems through strong identity management of workloads, environments, and users.

John Kjell

Director of Open Source, TestifySec Inc.
John is responsible for open source at TestifySec, a software supply chain security startup. He is a maintainer for the Witness and Archivista sub-projects under in-toto. Additionally, John is an active contributor to CNCF's TAG Security and multiple projects within the OpenSSF. Before...
Plymouth