With major vulnerabilities such as Log4Shell, Spring4Shell, and the XZ backdoor dominating headlines, securing the software supply chain is more urgent than ever. In this session, Soroosh Khodami, a solution architect with deep experience building security platform services for large enterprises like Rabobank, shares actionable guidance for improving software development security across organizations of any size.
Khodami will outline effective strategies for mitigating risks in CI/CD pipelines, demystify shift-left security and DevSecOps, and explain how software bills of materials (SBOMs) can help detect and respond to the next Log4Shell-level threat.
He will also cover the implications of upcoming EU supply chain regulations such as DORA and the Cyber Resilience Act, and provide insight into essential tools for SBOM generation and monitoring. This session is designed to help developers and platform teams build more resilient systems in an increasingly hostile cybersecurity landscape.