Seminar • Software Engineering • The Software Supply Chain Security Perspective

Tuesday, June 6, 2023 10:00 am - 11:00 am EDT (GMT -04:00)

Please note: This seminar will take place online.

John Speed Meyers
Security Data Scientist, Chainguard

Software supply chain security has become a topic of intense interest among software security specialists in the past three years. This talk discusses why, explains what is new and what is not, and addresses both the strengths and limits of this peculiar perspective. Partially based on my own and other’s academic research and partially based on my day job at a software supply chain security startup (Chainguard), this talk will cover topics including selecting and using open source software dependencies, threats to package registries, and vulnerability patterns in popular container images.


Bio: John Speed Meyers is a principal research scientist at Chainguard, a software supply chain security company. He previously worked at IQT Labs, advising the U.S. government on the benefits and risks of widespread open source software consumption. A public policy researcher by PhD training, he combines computer security and empirical software engineering research.