Implement secure development lifecycle practices, from threat modeling and static analysis to vulnerability management and compliance, to effectively mitigate software-related business risk.
From this track
Why Governance Matters: The Key to Reducing Risk Without Slowing Down
Tuesday Mar 17 / 10:35AM GMT
When you hear “governance,” you might think of red tape, bureaucracy, or someone telling you what you can’t do. But real governance is about alignment and reducing technical risk. And that matters more than ever.
Sarah Wells
Independent Consultant and Author
Building on Bedrock: A Security Philosophy from Bootloader to Runtime
Tuesday Mar 17 / 11:45AM GMT
In Minecraft, every world is built from blocks. At the very bottom lies bedrock: an unbreakable foundation that everything else rests on. Above it sit layers of stone, dirt, sand, and other materials.
Alex Zenla
Founder & CTO @Edera
From Chaos to Clarity: Modern SBOM Practices That Actually Work
Tuesday Mar 17 / 01:35PM GMT
In this talk, Viktor will walk you through everything you need to know to build a practical and future ready SBOM strategy.
Viktor Petersson
Founder of sbomify, Co-founder & CEO of Screenly, Host of Nerding Out with Viktor
Unconference: Software Security & Risk Management
Tuesday Mar 17 / 02:45PM GMT
Exploding GPUs
Tuesday Mar 17 / 03:55PM GMT
AI workloads on Kubernetes inherit every cloud native vulnerability.
Andrew Martin
Founder and CEO @ControlPlane, CISO OpenUK, CNCF Security Advisory Group
Adopting Memory-Safety and Fine-Grained Compartmentalisation With CHERI
Tuesday Mar 17 / 05:05PM GMT
This talk will describe how CHERI achieves memory safety for existing code with just a recompile and how that non-bypassable memory safety can be used as a building block for higher-level security abstractions.
David Chisnall
Director of System Architecture @SCI Semiconductor, OS, Compiler, and Computer-Architecture Expert, Maintainer of the CHERIoT Platform
