Securing the Software Supply Chain in the Age of AI, Malware, and Compliance - Matthew Brady

"Securing the Software Supply Chain in the Age of AI, Malware, and Compliance" - Matthew Brady

Modern development teams rely heavily on third-party code, AI-generated content, and rapid release cycles—making the software supply chain a growing target for attackers. At the same time, security teams are expected to manage increasing compliance demands and prevent threats like dependency confusion and malicious packages, all without slowing down developers. This talk focuses on how AppSec teams can build practical, scalable approaches to securing the software supply chain, drawing from real-world challenges and lessons learned across the industry.

SPEAKER BIO:

Matthew Brady

Matthew has a unique combination of technical knowledge with commercial awareness in many areas including Software Application Security, DevOps and software development lifecycle solutions and services across multiple vertical markets. Matthew currently leads a team of Solution Engineers in EMEA and is subject matter expert in Black Duck supply chain solutions. Prior to that he has worked for CISCO/AppDynamics and Hewlett Packard Enterprise.


This talk was presented at the OWASP London Chapter meetup on July 17th 2025 kindly hosted by @CivoCloud Tech Junction and kindle sponsored by @BlackDuckSoftware
#OWASP #OWASPLondon #AppSec #devsecops