Delivering software fast is one piece of the CI/CD puzzle, but delivering it securely is the glue that keeps your puzzle from falling apart. Software supply chain attacks are on the rise with security exploits directly targeting open source projects, central repositories, and software package managers. Now that developers are the target of security attackers, how do you protect your DevOps pipeline?

This is a problem that the Continuous Delivery Foundation (CDF) is working to solve. To help ensure a secure SDLC, the CDF is investing in projects that provide security solutions and in 2022 announced a new incubating project, Pyrsia. This talk will highlight the importance of securing your software supply chain at the source and how Pyrsia is working to solve this problem.