Agile + DevOps East 2022 Industry Presentation : Connecting the Dots: A Dive Through the Layers of Your Open-Source Supply Chain

Conference archive

SEE PRICING & PACKAGES

Wednesday, November 9, 2022 - 3:00pm to 3:45pm

Connecting the Dots: A Dive Through the Layers of Your Open-Source Supply Chain

Presented by: 
Tidelift logo

Like modern manufacturing, modern open-source software development relies on a supply of components that depend on one another in order to function as designed. Peeling back the onion of what software components rely on underneath the surface can be difficult and confusing. Yet necessary to truly understand what open-source policy you need to implement in order to avoid unintended surprises, both legally and from a security perspective. In this session, we’ll explore the relationship between open-source libraries commonly used together in modern open-source applications and what you need make sure you’re aware of before you deploy your next build.

Larry Copeland photo

Larry Copeland

Tidelift

Larry Copeland is a Solutions Architecture Lead at Tidelift, Inc. He helps companies implement Tidelift’s open-source solutions to better understand the open source they are currently using and how they can shore up their open-source supply chain to increase developer velocity as well as improve open source compliance.