Ortelius Blog

Topics include Supply Chain Security, Microservice Management, Neat Tricks, and Contributor insights.

SecureChainCon 2024


A Free Online, Half-Day Micro-Conference for DevOps and Security Professionals


Welcome to SecureChainCon, the ultimate online conference designed to foster knowledge sharing, and explore the challenges of implementing software supply chain security practices into fragmented, decoupled architectures. Topics of sessions and workshops, presented by expert practitioners, include forensic gathering, open-source tooling, and real-world use cases for integrating security into DevOps workflows. Join us on May 24th for this online mind share and take your Software Security skills to the next level!

May 24th, 2024 - 8:30 to Noon MT

Register Today

Download and Share the Announcement

Call for Speakers Now Open

The Call for Papers is open through March 25th, 2024. Everyone is welcome to submit talks for SecureChainCon. Tracks include:

  • Use Cases on Open-Source Security Tools and the DevOps Pipeline
  • Threat Modeling and data generation from the DevSecOps Pipeline
  • Understand the Blockers, Drivers, and Solutions for making the software supply chain more secure
  • Compliance and Governance Tools and KPIs

First time presenters are encouraged to submit talks.

Submit a Talk Today

The smart way to do Call for Papers, Schedule and Speaker Management.

Caroline Wong to be Keynote Presenter

Caroline Wong

Fortifying the Fortress: Exploring Offensive and Defensive Strategies in Cybersecurity

Understanding cybersecurity requires first an understanding of how to defend against the various types of common cyberattacks from nefarious code being introduced into the software supply chain to penetration attacks and network breaches. But building a strong defense system will not be enough. Organizations will need to start thinking of ‘offensive’ strategies to complete the picture. Join Caroline Wong as she breaks down implementing defensive techniques supported by offensive strategies.

Caroline Wong is the Chief Strategy Officer at Cobalt.io. She has 15+ years of cybersecurity leadership, including practitioner, product, and consulting roles. Caroline authored the popular textbook, Security Metrics: A Beginner’s Guide. She teachers cybersecurity courses on LinkedIn Learning and hosts the Humans of InfoSec podcast.

Why You Should Attend

- Connect and share with your Peers - Hear presentations by expert practitioners - Learn about supply chain security in decoupled architectures. - Explore use cases from leading companies with their latest innovations and gain insights into the future direction of software supply chain management. - Attend for free (Hosted by the Ortelius Open-Source Community) - Join Live or View On-Demand

Who Should Attend

  • DevOps Engineers
  • CISO Teams
  • Security Engineers
  • Open Source Project Office
  • Developers

Key Takeaways

Shift Left Security: Understand the importance of integrating security practices early in the software development lifecycle (SDLC) to identify and remediate vulnerabilities at the source code level.

Automation is Key: Learn the role of automation in DevSecOps, from automated security assurance and vulnerability scanning to automated compliance checks and policy enforcement, to improve efficiency and consistency.

Culture of Collaboration : Recognize the need to foster collaboration and shared responsibility among development, operations, and security teams to effectively implement DevSecOps practices.

Threat Intelligence and Risk Management: Explore the importance of leveraging threat intelligence and risk management frameworks to prioritize security efforts, allocate resources effectively, and mitigate emerging threats.

Compliance and Governance: Address the challenges of maintaining compliance with regulatory requirements, such as aggregated SBOMs, and industry standards in DevSecOps environments.


Join Us on Zoom

Registration Required

All times in Mountain Time.

8:30 Beer and Donuts Networking - Meet the Ortelius Contributors

8:50 Welcome Keynote presented by Saim Safder

9:05 Recognition Awards presented by Tracy Ragan

9:20 OpenSSF Scorecard Workshop presented by Steve Taylor

9:50 Break

Join Us on Twitch

Ortelius Twitch Channel

10:00 - Keynote with Caroline Wong - Fortifying the Fortress: Exploring Offensive and Defensive Strategies in Cybersecurity

10:20 - Securing Software: A Panel Discussion on Actionable Metrics and Metadata hosted by Sacha Wharton

11:00 Break - Twitch Games

11:15 - 12:00 Presentations, Lighting Talks and Closing Remarks