2025-11-19 –, Blue room (main stage)
With an ever increasing reliance on 3rd party packages and supply chain attacks regularly making headlines, supply chain security is yet another security challenge organizations face. In this session Zahra Deghan Pour (Bol.) and Feike Wierda (HCS Company) will take you through the entire journey of securing the software supply chain at Bol.
With some 700 developers committing new code and including new external dependencies every day, how do you keep track of your entire software supply chain? More importantly, how do you keep it secure? In this session we will take you through the steps we have taken at Bol. to maximally secure the entire software supply chain. From four eyes on every change to dealing with upstream dependency confusion, how do we achieve maximum security without impeding development velocity?
A lifelong Linux nut with a penchant for automation, I have spent most of my career working on the platform side of things. In recent years my attention has shifted to CI/CD. As a member of their CICD team, I'm currently assisting Bol. with securing their software chain.
Platform Engineer with 7+ years of hands-on experience designing, automating, and optimizing infrastructure on GCP, Kubernetes, Docker/Containerd, and bare-metal environments. Skilled in Infrastructure as Code, CI/CD, GitOps, and modern DevOps practices, with a strong focus on reliability, scalability, and operational excellence