One Track
Lots of Flavor
Thursday, April 18 • 11:30am - 12:00pm
JavaScript supply chain security


In an npm survey of over 33,000 worldwide developers, 99% of JavaScript developers confirm they use open source code, 83% express concern about whether the open source software they use is secure, and 58% believe that there aren’t satisfactory methods for evaluating whether code is safe. npm is the world's supplier of JavaScript, a very important piece of the dependency supply chain. In this talk Adam will discuss the current security state of the JavaScript ecosystem, what security challenges it faced, and what npm has done and continues to do to make this supply chain more secure.

Speakers

Adam Baldwin

Sr. Product Manager, Supply Chain Security, GitHub
Adam Baldwin is a Senior Product Manager focused on supply chain security at GitHub. A security-focused leader with over 25 years of experience, Adam has spent his career building companies, breaking into companies, managing teams, designing products, and talking about security non-stop. Previously...



Thursday April 18, 2019 11:30am - 12:00pm HST
Halele'a Room (Salon 2) 3610 Rice Street, Lihue, Hawaii 96766, USA
  Track, SDLC
  • About: Adam Baldwin is Director of Security at npm Inc., the company that powers the world’s JavaScript. An information security professional with over 24 years of experience, Adam has spent his career building companies, breaking into companies, managing teams, designing products, and talking about security non-stop. Previously, Adam founded ^Lift Security, a successful application security and penetration testing service company, and the Node Security Platform, an initiative to track vulnerabilities in the JavaScript ecosystem. The project evolved into a SaaS platform at the forefront of the continuous security movement. Both were acquired by npm, Inc. in early 2018.