Loading…
October 24 - 25, 2022 | Detroit, Michigan
View More Details | Registration Information

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon North America 2022 - Detroit, MI + Virtual and add this Co-Located event to your registration to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Eastern Daylight Time (EDT), UTC -4. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.
Back To Schedule
Monday, October 24 • 3:20pm - 3:50pm
Conan.Io – Lessons Learned from Securing 40,000 C++ Packages - Diego Rodriguez-Losada Gonzalez, JFrog

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Supply chain security needs are at an all-time peak, since attackers are now massively targeting developers through their use of package repositories such as npm and PyPI. Conan.io, the open-source package manager for C and C++, currently houses more than 11 million binaries built by user-submitted recipes, but managed to have 0 security incidents since its inception, despite its extremely wide reception (15TB of monthly transfers). In this session, Diego (Conan's co-creator) will share how he and his team has managed this incredible feat by utilizing automated quality checks, compiler security mitigations, package signing, a secure build pipeline and an extremely strict and efficient review process, even when faced with more than 9000 pull requests in the last two years.

Speakers
avatar for Diego Rodriguez-Losada Gonzalez

Diego Rodriguez-Losada Gonzalez

Lead Architect, JFrog
Diego Rodriguez-Losada‘s passions are robotics and SW engineering and development. He has developed many years in C and C++ in the Industrial, Robotics and AI fields. Diego was also a University (tenure track) professor and robotics researcher for 8 years, till 2012, when he quit... Read More →



Monday October 24, 2022 3:20pm - 3:50pm EDT
Room 330 AB Huntington Place: 1 Washington Blvd, Detroit, MI 48226
  Sessions