Join Anthony Harrison as he explores software supply chains, transparency, and solutions to manage risks in complex applications.
Speaker
Anthony Harrison
Agenda
6:30pm - Talk by Anthony Harrison
7:30pm - Questions and answers
7:45pm - Event ends
Synopsis
Creating software applications is increasingly complex as it is constructed using many components, frameworks and libraries from, often unknown, 3rd parties.
The Log4Shell vulnerability in 2021 highlighted how little many organisations knew about how their software applications had been constructed; many were surprised at how many hidden components they were using.
Increased transparency of the way software is constructed and managed is now the subject of growing interest across the world with legislation now appearing in the US, EU and elsewhere in the world (although not yet the UK).
These regulations will have significant implications for many products including software in the UK as there is a much greater emphasis on understanding and managing the software supply chain. With the increased use of AI in software-based products, the supply chain for software is about to get even more complex.
This talk will describe the software supply chain landscape and offer some insights into emerging solutions to manage the risk within software-based products more effectively.
About the speaker
Anthony Harrison
Anthony Harrison has been developing and delivering mission-critical applications for over 40 years.
The majority of his career has been spent with Thales (and its predecessor companies), working on various complex programs where he held various roles in software, systems and cyber engineering, as well as providing technical leadership for a number of programmers.
He is the Founder and Director of APH10, and is a leading source of expertise in Software Bill of Materials (SBOM). He has been developing open source software actively for a number of years; most recently, the applications have been related to supporting the software supply chain through utilities to generate and analyse software bills of materials (SBOMs).
He is an active member of a number of the industry forums looking at SBOMs, including OWASP, CycloneDX and SPDX. He has presented at various open source conferences, including FOSDEM, EuroPython, PyCascades, OW2, StateofOpen, OWASP AppSec and was a member of the panel at the NGI Forum 2023, which discussed Software Supply Chain Security. He has been a mentor for the Google Summer of Code for the past four years via the Python Software Foundation and is a mentor for his local CoderDojo in Manchester teaching students Python.
In his spare time, he regularly runs and has completed over 350 Parkruns at more than 100 different locations around the UK.
Our events are for adults aged 16 years and over.
BCS is a membership organisation. If you enjoy this event, please consider joining BCS. You’ll be very welcome. You’ll receive access to many exclusive career development tools, an introduction to a thriving professional community and also help us Make IT Good For Society. Join BCS today
This event is brought to you by: Cheltenham and Gloucester branch
