Trust, Verified: Best Practices For Using SDLC Evidence To Ensure Software Integrity (featuring SonarQube and AppTrust)
Cybersecurity leaders know all too well that software applications represent one of the most difficult-to-defend attack surfaces in the enterprise. Cloud-native technologies, modern DevOps, and the prolific use of open source software and AI/ML models make it extremely challenging to ensure the integrity of the applications that emerge from your software supply chain. And as the sophistication and frequency of supply chain attacks rise, your customers will demand more stringent assurances that they can fully trust your software.
In this informative webinar, you’ll hear from software supply chain security experts from JFrog and Sonar about how security leaders like you can ensure higher software integrity to bolster customer trust in your organization’s applications. Specifically, you’ll come away with:
- A detailed understanding of the modern software supply chain and its elements, and where those elements are most vulnerable
- An overview of the types of evidence you can capture within your software supply chain and how they can be used to prove software integrity
- Guidance on how to govern your SDLC to meet higher security, compliance, quality and performance requirements
- A first-hand look at how JFrog AppTrust integrates with SonarQube to ensure that production artifacts pass their quality gates and originate from secure, high quality code
Presenter Information
Sean Roth is the Sr. PMM for security at JFrog. He is an accomplished technology marketer with over 15 years of experience championing disruptive Enterprise IT technologies including cybersecurity (EDR, AppSec, and Supply Chain Security), DevOps, and cloud-native infrastructure. He holds a Master of Business Administration degree from Santa Clara University and a Bachelor of Computer Engineering degree from Concordia University in his hometown of Montreal, Canada.
As Director of Product Excellence at Sonar, Lauren Hanford helps product delivery teams create customer and business value. Her background includes product management, UX design and strategy, and open source software supply chain security. She joined Sonar in early 2025 following its acquisition of Tidelift, where she was the VP of Product.
