Beyond SBOMs: The Future of Container Supply Chain Security

When a single phished NPM maintainer led to 18 compromised libraries—including Chalk and Debug, downloaded billions of times weekly—it proved one thing: SBOMs alone aren’t enough. In this talk, I explore how modern supply-chain attacks unfold and how the next generation of tools—attestations, provenance, and signing—can prevent a repeat of the September 2025 NPM breach.

July 10, 2026

WeAreDevelopers World Congress 2026 · Berlin, Germany

About this Topic

Beyond SBOMs: The Future of Container Supply Chain Security

Delivered at WeAreDevelopers World Congress 2026 in Berlin.

Invite Me to Speak

Available for conferences, workshops, corporate training, and meetups. I can present remotely or travel to your event.

Get in Touch See All Events