We would like to invite you to our next SBA Security Meetup on Secure Coding with Extra SLSA: A Secure & Spicy Take on Software Supply Chains!
1. Talk: “Software Security and the Cyber Resilience Act (EU Regulation for Digital Products)”
By: Nicolas Petri (SBA Research)
“Shift left” is more than a buzzword — it’s key to aligning security with the software development lifecycle (SDLC). But while developers often see it as overhead, decision-makers may underestimate its value. With new regulations like NIS2 and the Cyber Resilience Act (CRA), structured secure development is no longer optional — it’s mandatory.
2. Talk: “SLSA: The taco dip for Software Supply Chain Security”
By: Dimitrij Klesev (Whizus) & Julian Zhuang (Whizus)
With software supply chain attacks on the rise, it’s more important than ever to talk about security in today’s software ecosystem. In this talk, Julian, a DevOps Engineer from WhizUs, will explain how to improve security in supply chain processes by introducing SLSA, an open-source framework for software supply chain security that helps organizations establish trust and transparency and protect against tampering in development, build and deployment processes.
3. Talk: “Securing the Software Supply Chain: Practical Strategies”
By: Daniel Liszka (Chainloop)
Drawing from real-world implementations at major enterprises, this talk will guide you through integrating compliance and security controls into your Software Development Lifecycle (SDLC) using open-source tools like Chainloop. Learn how to build an evidence store for your software supply chain, instrument your CI/CD pipelines, and establish effective quality and control gates. We’ll show you how to operationalize Software Bills of Materials (SBOMs) and Vulnerability Exploitability eXchange (VEX) files to securely deploy software to production and beyond.
Agenda
17:55: Gathering
18:10: Talk: “Software Security and the Cyber Resilience Act (EU Regulation for Digital Products)”
18:40: Talk: “SLSA: The taco dip for Software Supply Chain Security”
19:00: Break & Snacks
19:15: Talk: “Securing the Software Supply Chain: Practical Strategies”
19:45: Food, Drinks & Get together
Looking forward to seeing you there!
Speakers
Dimitrij Klesev (Tech Lead Whizus)
Julian Zhuang (DevOps Consultant Whizus)
Daniel Liszka (Chainloop)
Nicolas Petri (SBA Research)
Registration and Further Information
Please register via Meetup. This event is organized as an on-site event only.