Skip to main content

TECH TALK

OpenSSF Tech Talk: Proactive Supply Chain Security with GUAC

Thursday, June 6 | 10:00AM PT

Imagine having the power to proactively address critical vulnerabilities. Before a threat becomes a crisis, what if you could confidently answer the question, “Am I affected, and if so, where?” With Graph for Understanding Artifact Composition (GUAC), you can. Open Source Security Foundation (OpenSSF) Incubating Project GUAC is a software supply chain observability tool. It ingests software security metadata and stores it in a persistent graph database to query for consolidated information about your software. In this Tech Talk, you will meet the GUAC maintainers as they cover the project and its recent release, roadmap plans, and how you can contribute. Cybersecurity threats are constantly and quickly changing, but GUAC can help you stay ahead.

Download Slides

Speakers:

David A Wheeler

David A. Wheeler (Moderator)
Director of Open Source Supply Chain Security, Linux Foundation

Brandon Lum,
Open Source Security Engineer, Google

Parth Patel
CPO/Co-Founder, Kusari

Umang Jain
Director of Technical Program Management, Platform Engineering, Guidewire Software

Rose Judge

Rose Judge
Senior Open Source Engineer at Broadcom