November 12, 2024 | Salt Lake City, Utah

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for SigstoreCon Supply Chain Day 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is displayed in Mountain Standard Time.

The schedule is subject to change.
Venue: Alpine
Tuesday, November 12
 

9:00am MST

Welcome & Opening Remarks - Hayden Blauzvern, Technical Lead Manager, Google
Tuesday November 12, 2024 9:00am - 9:05am MST
Speakers

Hayden Blauzvern

Technical Lead Manager, Google Open Source Security Team
Hayden Blauzvern is a technical lead manager on Google’s Open Source Security Team, focused on making open-source software more secure through code signing and applied transparency. Hayden is a maintainer and the community chair on the Sigstore project.
Alpine

9:10am MST

Keynote: Sigstore's Future - Bob Callaway, Head of Open Source Security Team, Google
Tuesday November 12, 2024 9:10am - 9:15am MST
Speakers

Bob Callaway

Head of Google's Open Source Security Team, Google
Bob Callaway is the leader of Google's Open Source Security Team (GOSST), spearheading initiatives to bolster the security of open source software, benefiting both Google and the global community. Under his leadership, the GOSST team develops and contributes to projects that address...
Alpine
  Keynote Sessions
  • Session Slides Attached Yes

9:20am MST

Keynote: Building Trust in AI - Luke Hinds, Co-founder & CTO, Stacklok
Tuesday November 12, 2024 9:20am - 9:25am MST
This talk will discuss the power and importance of transparency.
Speakers

Luke Hinds

Co-founder & CTO, Stacklok, Inc.
Luke Hinds is the Co-founder and CTO of Stacklok, leading the charge to secure the open source software supply chain. He was formerly a Distinguished Engineer at Red Hat, where he led a security engineering team in the office of the CTO. Luke founded Sigstore and is the current...
Alpine

9:30am MST

Trends and Ecosystem Dynamics in Sigstore - Chinenye Okafor, Purdue University
Tuesday November 12, 2024 9:30am - 10:00am MST
Sigstore has witnessed significant adoption since its launch, becoming a major player in software supply chain security. Research has primarily focused on identity verification and transparency log witnessing (i.e., verifying log consistency). However, the security of the semantics (i.e., the content) of log entries remains largely unexplored. Since generic witnessing solutions are not one-size-fits-all, we analyze the dynamics of Rekor log entries to gain insights that enable better misbehavior detection and stronger identity verification. Our analysis answers these questions:
- What are the trends in Sigstore adoption over time?
- What are the patterns in certificates and generated signatures?
- What kinds of identities are involved in signing?
- What actors are performing these signing actions?
Speakers

Chinenye Okafor

Research Assistant, Purdue University
Chinenye is a Ph.D. student at Purdue University’s Electrical and Computer Engineering department in the Trustworthy Software Ecosystems Lab, where she works on securing software supply chains.
Alpine

10:05am MST

The Next 5 Years of Supply Chain Security on PyPI - William Woodruff, Trail of Bits
Tuesday November 12, 2024 10:05am - 10:35am MST
Over the last 5 years, PyPI has adopted a large number of technologies and standards aimed at improving the integrity of the Python packaging ecosystem: scoped API tokens, security events, strong MFA, Trusted Publishing, and (most recently) PEP 740 for cryptographic package attestations. This talk hypothesizes and breaks down the next 5 years of changes, ranging from immediately practical efforts to "big picture" ideas. Some ideas considered include (but are not limited to):
- Index-wide binary transparency in the style of Go's sumdb, along with considerations for identity (i.e. package identity) monitoring by upstreams;
- "Counter" attestations in the vein of PEP 740, enabling auditors and interested community members to cryptographically register their trust in a PyPI package;
- Scalable witnessing and monitoring for PEP 740 attestations, including rollup techniques for reducing the burden of integration for pure-Python package installers like `pip`;
- TOFU-style identity locking via lockfiles, including (potentially) Python's PEP 751;
- Using TUF to distribute complex identity policies.
Speakers

William Woodruff

Engineering Director, Trail of Bits
William Woodruff is an Engineering Director at Trail of Bits, a NYC-based consultancy. He splits his time between OSS engineering and running the Ecosystem Security group, which is responsible for contributing security and usability improvements to a wide range of OSS tools and services...
Alpine

10:35am MST

Break Sponsored by Kusari
Tuesday November 12, 2024 10:35am - 11:00am MST
- Assorted Miniature Danish and Pastries: Assortment of Cinnamon Swirl, Mini Raspberry Crown, Mini Maple Pecan Plait, Mini Apple Coronets and Croissants (per dozen) *V
- Kind and Clif Bars *V
- Mozzarella String Cheese *GF *V
- Assorted Whole Seasonal Fruit *GF *VG
Alpine

11:00am MST

Cosign: Keeping up with the Client Libraries - Zach Steindler, GitHub
Tuesday November 12, 2024 11:00am - 11:30am MST
2024 has been quite the year for client libraries as well as Sigstore deployments: with betas of Homebrew's build provenance, Maven Central accepting Sigstore signatures, and PyPI's publish attestation. These deployments (and the client libraries they use) store content in Sigstore protocol buffer formats: signed material in bundles and verification material in trusted roots. There's a number of advantages to using these formats, but unfortunately cosign does not default to using them. It's important for the ecosystem to be interoperable, so we're working on updating cosign to default to these formats, including commands to help folks transition from their existing usage. In this talk we'll go over what that plan looks like, what progress we've made so far, and get your feedback on what else we need to consider to help cosign keep up with the client libraries.
Speakers

Zach Steindler

Principal Engineer, GitHub
Zach is slowly learning more about gardening and welding. When he's at the keyboard he likes working on home automation, biking, and helping secure open source software. A housing inspector once called his electrical work "amateurish".
Alpine
  Client Development

11:35am MST

Rekor V2: What's Next for Sigstore's Transparency Log - Hayden Blauzvern & Colleen Murphy, Google
Tuesday November 12, 2024 11:35am - 12:05pm MST
Transparency logs are tamper-evident, immutable ledgers that provide a cryptographic commitment to the inclusion of entries in the log, allowing the entries to be publicly auditable and forcing malicious behavior to be transparent. Rekor is Sigstore's signature transparency log, where each entry in the log provides auditability for a signed artifact. A public-good instance of Rekor is maintained by the Sigstore community and used by individuals, organizations and package registries. We've learned much since we deployed the 1.0 API for Rekor: the API is complex and inefficient for what clients really need to verify an artifact, and the maintenance burden and storage costs needed to support it are nontrivial and may deter operators from adopting Rekor. Moreover, privacy and redaction are not easily supportable in the current design. There has been active development in simplifying log deployments and minimizing operational costs in Certificate Transparency that we can apply to Rekor. In this talk, we'll discuss how we will leverage these innovations to improve Rekor's usability, simplifying the API and making Rekor deployments easier to maintain and scale.
Speakers

Hayden Blauzvern

Technical Lead Manager, Google Open Source Security Team
Hayden Blauzvern is a technical lead manager on Google’s Open Source Security Team, focused on making open-source software more secure through code signing and applied transparency. Hayden is a maintainer and the community chair on the Sigstore project.

Colleen Murphy

Software Engineer, Google
Colleen has made her career out of open source development and has been a key contributor to several major open source projects, such as OpenStack and the Kubernetes ecosystem. Her current focus is on software supply chain security and Sigstore.
Alpine
  Technical Deep-dives or Research

12:10pm MST

The Challenges of Building a Sigstore Implementation from Scratch - Samuel Giddins, Ruby Central
Tuesday November 12, 2024 12:10pm - 12:40pm MST
Sigstore Ruby now exists. So exciting! But bringing it to life was a challenge, particularly due to the goal of being able to ship it as a part of Ruby itself. Building a sigstore implementation atop only the standard library required writing a TUF client, implementing custom x509 handling, and abstracting over all the supported key types, among other challenges. This talk will explore those challenges, and dive into _why_ a sigstore implementation proves to be such an undertaking, hopefully inspiring some simplification for the next poor soul who attempts to build one from scratch.
Speakers

Samuel Giddins

Security Engineer in Residence, Ruby Central
Samuel is the Security Engineer in Residence at Ruby Central, leading security efforts across RubyGems and RubyGems.org by day (and sometimes by night, CVEs never sleep). He's been working on Ruby tooling for the past decade, and has shipped hundreds of bugs across RubyGems & Bun...
Alpine

12:40pm MST

Lunch Break
Tuesday November 12, 2024 12:40pm - 1:40pm MST
Mexican Street Foods
- Roasted Corn and Black Bean Chop Salad with Vine Ripened Tomatoes, Red and Orange Bell Peppers, Red Onion, Scallions, Crisp Romaine Hearts, Chipotle Ranch Dressing *GF *V
- Tangy Mexican Slaw with Red and Green Cabbage, Chopped Cilantro, Shredded Carrots, Shaved Red Onion, Cumin Lime Vinaigrette *GF *V
  (oil and vinegar available as a vegan dressing)

- Warm Fried Tortilla Chips with Salsa Roja *GF *V
- Chipotle and Tomato Simmered Pulled Chicken Tinga *GF
- Chopped Shredded Beef Barbacoa with Sautéed Onions and Lime *GF
- Impossible meat southwest style *VG +$4
- Roasted Sweet Corn Cobbett’s with Mexican Mayo Drizzle, Queso Fresco and Chili Lime Salt *GF *V

- Spanish Rice with Peas and Fire Roasted Tomatoes *GF *V
- Pickled Red Onion, Fresh Cilantro, Queso Cotija, Lime Scented Crema, Chipotle Crema, Diced Red Onion, Shredded Cheddar, Shredded Lettuce *GF *V
- Crispy Tostadas *GF and Warm Flour Tortillas *V

- Cinnamon and Sugar Churros with Chocolate Dipping Sauce *V
+ Fruit


Alpine

1:40pm MST

Rewriting Root-Signing -- a Deep Dive Into Sigstore Trust Root Delivery - Jussi Kukkonen, Google
Tuesday November 12, 2024 1:40pm - 2:10pm MST
The Sigstore trust root is delivered to Sigstore clients via root-signing, a less known but security-critical part of Sigstore. In this talk the audience will learn how the project operates and also why it went through a significant rewrite during the past year when it switched to using tuf-on-ci as tooling. The talk will outline the best practices of trust root management and how they are now applied in the project. Topics include:
- Current state of the Sigstore root-signing project
- Why on earth would you rewrite working critical infrastructure? There are multiple incompatibility incidents in the history of root-signing: the talk will show how a rewrite can be a sensible choice in this situation
- Design discussion: why is root-signing such a strange little project? Turns out the combination of user collaboration in a community project with hardware backed signing requires a unique solution
- What is next for root-signing?
Speakers

Jussi Kukkonen

Open source supply chain security @ Google, Google
Jussi secures Open Source supply chains at Google. He has extensive Open Source experience and is currently maintainer of sigstore-python, tuf-on-ci & python-tuf.
Alpine

2:15pm MST

Papers, Please - Scrutinizing AI Model Creation - Parth Patel, Kusari & Mihai Maruseac, Google
Tuesday November 12, 2024 2:15pm - 2:45pm MST
When an AI model misbehaves (e.g., it tells you to put glue on pizza), you must investigate how this happened. Sometimes these are accidents caused by the training data, but these incidents can also be due to nefarious activities; we’ve seen ML malware deployed in 2024. At the end of the day AI is still software, so security needs to be established around its creation. The same transparency and accountability must be enforced as with other parts of the software supply chain. Utilizing SLSA (Supply Chain Levels for Software Artifacts) and GUAC (Graph for Understanding Artifact Composition), we can determine the provenance of each dataset and the composition of each model. In this talk, we dive into the anatomy of AI model attacks: identifying bad models, determining the root cause of badness, and finding the blast radius of models affected. Once the data is collected, we can create an SBOM and distribute it with the AI model provenance to meet compliance and transparency requirements.
Speakers

Mihai Maruseac

Staff SWE, Google
Mihai Maruseac is a member of Google Open Source Security team (GOSST), working on Supply Chain Security, mainly on GUAC. Before joining GOSST, Mihai created the TensorFlow Security team after joining Google, moving from a startup to incorporate Differential Privacy (DP) within Machine...

Parth Patel

Co-Founder, Kusari
Solutions Architect with 15+ years of CyberSecurity, DevOps, Software Development and Automation experience. He is an active member in the open source community contributing/path-finding on various projects. Maintainer on the OpenSSF project GUAC (Graph for Understanding Artifact...
Alpine

2:50pm MST

Charting the Path to Software Integrity: Red Hat’s Journey with Sigstore - Lance Ball & Brian Cook, Red Hat
Tuesday November 12, 2024 2:50pm - 3:20pm MST
In the evolving landscape of software supply chain security, Red Hat has embarked on a transformative journey, fully embracing the Sigstore ecosystem. Today, Red Hat's internal product pipelines rely on Sigstore’s Cosign to sign software releases, and Rekor provides an immutable transaction log, enabling customers to verify the integrity of downloaded software artifacts. This integration has been pivotal in ensuring the trustworthiness of the software that Red Hat distributes. As we navigated the intricacies of this integration, we gained deep insights into how Sigstore functions, encountered and overcame various challenges, and refined our approach to secure software delivery. In deploying Sigstore internally, we faced a number of obstacles that could make it challenging for large enterprises to adopt Sigstore for their own software delivery supply chains. We want to share with you how we overcame these challenges, and how we think the Sigstore ecosystem of services can be improved. Join us as we take you through Red Hat’s journey with Sigstore, sharing valuable lessons learned, highlighting the pitfalls we encountered, and showcasing how we fortified our software supply chain.
Speakers

Lance Ball

Engineering Manager / Sr. Principal Engineer, Red Hat
Lance is the engineering manager for Red Hat Trusted Artifact Signer and a senior principal engineer. Previously, Knative Steering Committee and Functions Working Group lead. He is an active open source contributor, an avid cyclist, and a committed sourdough bread baker. You can find...

Brian Cook

Product Manager, Red Hat
Brian has worked on product build systems at Red Hat for 8 years. Co-founder of Konflux CI and Enterprise Contract projects. He believes there is a path to make continuous delivery and secure software supply chain coexist peacefully.
Alpine
  Case Studies

3:25pm MST

Understanding the Identity of a CI Platform - Richard Fan, N/A
Tuesday November 12, 2024 3:25pm - 3:40pm MST
In Sigstore, the signer information is embedded from OIDC tokens into the signing certificate. Among that information, the Subject Alternative Name (SAN) is the most crucial piece, representing the signer's primary identity. Picking the proper attribute as the SAN is not easy; there is no one-size-fits-all answer. This is especially obvious when CI platforms are involved, with so many attributes describing the repository owner, source code, builder, etc. Which one makes the most sense as the primary identity? In this session, we will walk through a common mistake people make when using Sigstore in conjunction with GitHub Actions. We will also discuss the differences in interpreting the SAN of Fulcio certificates issued to different CI platforms (e.g., GitHub Actions and GitLab pipelines), which arise from differences in how those platforms behave. More importantly, we will discuss what you should think about when using Sigstore on those CI platforms.
Speakers

Richard Fan

Cybersecurity Engineer, Independent
Richard is a Security Engineer and an AWS Security Hero. He is dedicated to helping people quickly adopt the cloud, promoting best practices, and streamlining cloud governance. Richard's experience over the years has allowed him to focus more on making security on the cloud easy...
Alpine
  Best practices in supply chain security

3:40pm MST

Break Sponsored by Kusari
Tuesday November 12, 2024 3:40pm - 4:10pm MST
- Freshly Baked Soft Pretzel Bites: Warm Queso Blanco, Whole Grain Mustard *V
- Funnel Cake Fries: Powdered Sugar, Strawberry “Ketchup”, Salted Caramel *V

Market Fresh
- Crisp Vegetable Crudité, Roasted Red Pepper Hummus, Sharp Cheddar Cheese Spread, Vegetable Chips, Baby Pita Bread
Alpine

4:10pm MST

Sigstore & TUF Conformance Testing: Are Clients Playing by the Rules? - Adam Korczynski, Ada Logics & Jussi Kukkonen, Google
Tuesday November 12, 2024 4:10pm - 4:40pm MST
The Sigstore and TUF communities both maintain conformance test suites that have been helpful in identifying inconsistencies and security vulnerabilities in clients. This talk offers a deep dive into these two conformance test suites. We first talk about the issues that led to their development: interoperability issues and vulnerabilities are painful everywhere, but especially so in the field of supply chain security. We then describe the architecture of the test suites and take a look at the engineering and the unique technical problems in conformance testing systems like this: when all test data is by definition cryptographically signed, creating test cases can be very tricky. Next, we cover with practical examples how clients can adopt the test suites and share the experiences client developers have had when adopting them. Finally, we will examine the impact of these efforts on the Sigstore and TUF ecosystems and how compatibility is improving and clients are becoming more secure. We finish the talk by discussing future ideas for the conformance test suites and how the community can contribute.
Speakers

Adam Korczynski

Security Engineer, Ada Logics
Adam is a security engineer at Ada Logics where his work mainly focuses on security automation. He is heavily involved in open source projects and is a top contributor to OSS-Fuzz.

Jussi Kukkonen

Open source supply chain security @ Google, Google
Jussi secures Open Source supply chains at Google. He has extensive Open Source experience and is currently maintainer of sigstore-python, tuf-on-ci & python-tuf.
Alpine

4:45pm MST

Sigstore-Powered Hunting: Uncovering North Korean APT Attacks on the OSS Supply Chain - Poppaea McDermott, Stacklok
Tuesday November 12, 2024 4:45pm - 5:15pm MST
Attackers are increasingly exploiting the trust-based, interconnected nature of the open source supply chain, with malware being distributed through package ecosystems, often hidden within the complexity of upstream dependencies. In this talk, we will showcase how Sigstore provenance can serve as a powerful source of truth for verifying package proof-of-origin. The absence of clear provenance, combined with other metadata signals, can act as a strong indicator of potential malicious intent. As a case study, we will discuss a recent spike in DPRK state-sponsored attacks hosted on NPM, where APT groups aimed to harvest cryptocurrencies and establish backdoors on developer machines. Attendees will gain valuable insights into the critical role Sigstore plays in supply chain threat detection, and understand how its broader adoption can help protect the entire ecosystem. By promoting stronger provenance verification, the community can more effectively distinguish between legitimate packages and harmful imitations.
Speakers

Poppaea McDermott

Security Researcher, Stacklok
Poppaea is a Security Researcher at Stacklok. She focuses on using data-driven techniques to hunt for threats in the open source supply chain. Prior to joining Stacklok, she was a Senior Threat Hunter in WithSecure’s Managed Detection and Response capability.
Alpine
  Technical Deep-dives or Research
  • Company Any
  • Session Slides Attached Yes

5:20pm MST

The SBOM Revolution: How Sigstore, in-Toto, SBOMit, and Bomctl Are Changing the Game - Ian Dunbar-Hall, Lockheed Martin & Marc Frankel, Manifest
Tuesday November 12, 2024 5:20pm - 5:50pm MST
Software Bills of Materials (SBOMs) are no longer merely compliance checkboxes. They're indispensable tools for understanding and mitigating vulnerabilities in the software supply chain. High-profile attacks like Log4Shell, SolarWinds, and Apache Struts have underscored the critical importance of software supply chain security. Sigstore's signing and transparency features, when paired with in-toto attestations, offer approaches to tracking components within SBOMs and the pedigree of SBOMs themselves. This talk will delve into how OpenSSF projects like SBOMit can enhance existing SBOM management strategies to address supply chain risks. We'll also explore how to effectively consume SBOMs across various platforms using bomctl.
Speakers

Ian Dunbar-Hall

Lockheed Martin Open Source Program Office, Lockheed Martin
Ian leads Lockheed Martin's Open Source Program Office and specializes in DevSecOps and full stack engineering. Additionally he is a maintainer on SBOMit and bomctl. He is also an OpenSSF Governing Board General Member Representative.

Marc Frankel

Manifest CEO/Cofounder, Manifest
Marc Frankel is the CEO and cofounder of Manifest, a cybersecurity company delivering SBOM & software supply chain security to governments and enterprises worldwide. Marc is a passionate software supply chain security advocate and author of several resources on third-party SBOM collection...
Alpine
 