Rootconf 2025 Annual Conference - 16th and 17th May

On platforms, distributed data systems & security

Abhay Rana (Nemo)

@captn3m0

State of Supply Chain Security

Submitted Apr 20, 2025

A talk that covers the overall health of the software supply chain security
ecosystem. Things I’d like to cover in the talk:

  1. Recent breaches and mitigations, and what could have helped.
  2. Large deployments and adoption patterns.
  3. A rough maturity model to help your team benchmark where it stands. How worried should you be?
  4. Recent tooling changes (SBOM/Sigstore/Package Management) that you should know of.
  5. Regulatory changes that might impact you.
  6. Impact and some crystal-gazing to see where we are going.

// This feels like a bit too much, so I might have to shorten the content or go beyond the 30m limit.

Takeaways:

  1. Why your company should care about supply chain security.
  2. How other orgs are securing their supply chains, and how you can adopt the same.
  3. Recent updates in tooling/research/regulations in the space.

Audience

This will be an intermediate-level talk. Some familiarity with security is helpful/expected. Focused mainly towards security teams in mid-large orgs, but should be helpful to security-adjacent folks as well.

Who am I

I’m Nemo, and I built endoflife.date. I was a founding engineer at Razorpay, where I helped scale and secure our payments stack. I’m currently a full-time open-source developer focusing on securing the world’s supply chain, with a focus on SBOM/EOL and CI infrastructure/tooling.

In-person conference
