AppSec and software supply chain security require more than a loose collection of tools and a vulnerability remediation process. A holistic approach covers risk assessment, a secure software development life cycle, software composition analysis (SCA), SBOMs, static and dynamic application security testing (SAST/DAST), workflow automation, automated remediation, runtime protections, compliance reporting and more. Successful implementation of this holistic approach enables companies to shrink their overall attack surface and reduce technical and security debt. Our panel of software security experts will discuss practical steps to building a sustainable application and software supply chain security strategy that meets today’s business demands and those that may arise in the future.

mend.io