Webinar On Demand

Continuous…Everything? Integration, Packaging, Delivery, and Security All in One!

Recorded September 8, 2021

View a Complimentary Webinar Sponsored by Snyk

Application delivery pipelines share many traits with any assembly line. Open source libraries, runtimes, databases, and base images are raw materials to be inspected to ensure they meet quality and security standards. Modern applications combine these raw materials with custom code to create dynamic and complex environments, opening up an extremely effective attack vector.

While not new, software supply chain attacks are on the rise with changes in how applications are built. With open source components making up more than 80% of modern codebases, having a reliable “source of truth” for the security, compliance, and provenance of software and its dependencies is critical.

In this webinar, Snyk, CircleCI and Cloudsmith will share practices and tools that are helping developers create applications with integrity, quality, and security.

You’ll see how to:

  • Find and fix known vulnerabilities in app dependencies and container images
  • Build a source of truth for open source packages to avoid malicious packages
  • Combine continuous packaging and security into a CircleCI delivery pipeline
  • Create provenance and security quality gates as part of deployment workflows

Join Ryan Pedersen (CircleCI), Tom Gibson (Cloudsmith), and Tomas Gonzalez (Snyk) to learn how to manage and mitigate this new risk profile and create a more holistic application security approach.


Tomas Gonzalez
Tomas Gonzalez, Partner Solutions Architect, Snyk

Tomas is a Partner Solution Architect at Snyk focusing on Systems Integrators and Developer Tooling partnerships. Prior to Snyk, he worked similar roles bringing tools into the hands of developers to make them more efficient and their applications more secure. In his spare time, Tomas enjoys discovering pizza and taco spots around Boston and escaping to the mountains to hike, bike, and ski.

Rebekah Whittle CircleCI

Rebekah Whittle, Solutions Engineer, CircleCI

Rebekah has been working as an engineer since she dropped out of University to learn how to code. She currently works as a Solutions Engineer at CircleCI and has the honor of architecting solutions and advising some of the brightest teams on DevOps practices. A few fun facts about Rebekah; she loves the cowboy emoji, has swam professionally and doesn't have social media!

Cloudsmith Tom Gibson

Tom Gibson, Senior Staff Engineer, Cloudsmith

With over ten years in the worlds of DevOps and Fintech, Tom is currently a Senior Staff Engineer at Cloudsmith, where he helps lead and develop the product and platform. As an automation and security enthusiast, Tom is incredibly passionate about helping people and organizations implement and adopt technologies and processes that help secure their software supply chain. When he’s not busy with computers, you can find him watching the latest reality dating TV show, building legos, or doing his 500th home improvement project.