Dan Lorenc

Software Engineer @Google

Dan Lorenc is a Staff Software Engineer and the lead for Google’s Open Source Security Team (GOSST). He’s been working in the Cloud space for eight years and has mostly focused on open source tools related to building containers easily and securely. He founded projects like Minikube, Skaffold, TektonCD and Sigstore. Dan regularly blogs about supply chain security and serves on the TAC for the OpenSSF.


Resilience in Supply Chain Security

Open source usage has exploded in the last decade, but supply-chain practices and hygiene have not kept up. Unfortunately, attackers have started to notice, and open source is under attack. We have hardening work to do on our existing delivery pipelines and supply-chains, but it's too late to keep attackers out. This means it's just as important to design resilient systems: those that help us recover gracefully when bad things do happen.

This talk will go over the real-world threats facing open source supply-chains today, and what you can do to architect resilient build and delivery pipelines.


Thursday May 27 / 10:10AM EDT (40 minutes)

TRACK: Architecting for Resilience

TOPICS: Resilience, Security, Open Source, Continuous Delivery

Build your learning journey and level-up on the skills most in-demand in 2021. Attend QCon Plus (May 17-28, 2021).
