How many dependencies does your .NET project have? 100? 1000? Are you sure they are all secure? Did you check a month ago? Or yesterday? One vulnerable component can turn everything upside down and jeopardize the entire company or a product. This session focuses on best practices of managing dependencies of .NET, .NET Core, Node.js alongside with building robust and reliable dependency delivery and component check pipelines that fit both fresh pet projects and enterprise CI/CD machines. With a focus on technical demonstrations and do-it-yourself approach, the session will let you kick-start building a secure software supply chain right away.
Igor Andriushchenko works as Security Lead at Snow Software, a Swedish company that is leading Software Asset Management according to Gartner Research. Previously, Igor worked at GE Healthcare and consulted for Microsoft/Nokia as DevOps and Build engineer. He has more than 5 years of experience with Microsoft Azure, driving the automation for infrastructure and CI/CD, securing product development. Igor holds Master’s degree in Machine Learning from Aalto University (Finland).