Ilkka Turunen is the Field CTO at Sonatype, working at Sonatype in Europe. His background is in software and systems engineering, acting as an architect for several commercial projects. He’s helped define everything from the software design to webscale infrastructure architectures and regularly works with companies across the world to understandand improve their software supply chain and continuous delivery pipelines.
As the economic importance of digital innovation accelerated during the global pandemic, so too did the number of cyber-attacks aimed at exploiting software supply chains. And yet, much has stayed the same. Top performing development teams have mastered three key skills: knowing how to use open source and third-party innovation at scale, integrating security and risk controls into multiple phases of the software supply chain, and releasing higher quality code faster than their competitors.
I'll share insights from our latest software supply chain research, which characterises this risk and offers practical guidance based on our experience as stewards of Maven Central on how teams can: