S3C2 Summit 2024-03: Industry Secure Supply Chain Summit
Reviewed by Pith T0 review T1 audit T2 compute T3 formal T4 kernel pith:LUSSFYOXrecord.jsonopen to challenge →
read the original abstract
Supply chain security has become a very important vector to consider when defending against adversary attacks. Due to this, more and more developers are keen on improving their supply chains to make them more robust against future threats. On March 7th, 2024 researchers from the Secure Software Supply Chain Center (S3C2) gathered 14 industry leaders, developers and consumers of the open source ecosystem to discuss the state of supply chain security. The goal of the summit is to share insights between companies and developers alike to foster new collaborations and ideas moving forward. Through this meeting, participants were questions on best practices and thoughts how to improve things for the future. In this paper we summarize the responses and discussions of the summit. The panel questions can be found in the appendix.
This paper has not been read by Pith yet.
Forward citations
Cited by 2 Pith papers
-
S3C2 Summit 2025-09: Industry Secure Supply Chain Summit
The paper summarizes key takeaways from an industry-academia summit on securing software supply chains, covering vulnerable dependencies, malicious commits, build infrastructure, and related topics.
-
S3C2 Summit 2025-07: Government Secure Supply Chain Summit
A descriptive report summarizing discussions from a government secure software supply chain summit covering SBOMs, compliance, malicious commits, build infrastructure, culture, and LLMs.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.