Scaling Software Supply Chain Security with the OpenSSF S2C2F OSS Specification with Microsoft

In an era where software supply chains are more vulnerable than ever, it's vital to stay a step ahead of the risks. High-profile breaches like Log4j and SolarWinds have thrown the spotlight on the urgent need for enhanced security in software supply chains, especially as the use of open source software (OSS) intensifies and security vulnerabilities in these projects are increasing by 20% yearly. Are you looking for ways to strengthen your OSS security and guard against potential supply chain threats? Look no further.

Microsoft and Finite State have joined forces to deliver a webinar that introduces a new frontier in software supply chain security - the Secure Supply Chain Consumption Framework (S2C2F), an OpenSSF OSS specification. Developed by Microsoft and contributed to the OpenSSF, the S2C2F aims to help businesses establish secure OSS ingestion pipelines, empowering them to guard against OSS supply chain threats effectively. But how does it work, is it enough, and how does it integrate with emerging software supply chain tools like the Software Bill of Materials (SBOM)?

This webinar sheds light on these questions and more, providing insights on how S2C2F can integrate with the SBOM to improve OSS hygiene and fulfill regulatory requirements and customer demands, while fostering sustainable security programs in today's global software ecosystems.

Key Takeaways:

- Learn about the security challenges faced by OSS and the software supply chain.
- Get a comprehensive overview of the S2C2F standard and its potential benefits for SBOMs.
- Understand methods for scaling SBOM generation, ingestion, and management within your organization.

Watch the recording and arm your organization with the knowledge to navigate the evolving landscape of software supply chain security. Together, let's create a more secure future for software supply chains across the globe.