Jason Ortiz - Finite State

Students: Spring 2025, unless noted otherwise, sessions will be virtual on Zoom.

Securing Your Software Supply Chain

Feb 01, 2023

Download:

MP4 Video Size: 282.7MB

Watch on YouTube

Abstract

To secure connected products, developers and manufacturers must use tools and processes that are purpose built to analyze the complex binaries found within connected devices and embedded systems. Beyond the capabilities of traditional security tooling, dedicated product security (software supply chain security) tools must run in the specialized languages, systems, and deployment cycles for these connected devices. In this talk hosted by Finite State's Jason Ortiz, we will examine where traditional security falls short in analyzing the composition of a device, detecting its vulnerabilities, assessing the severity of those vulnerabilities, prioritizing and conducting response actions. In this session, you will learn how traditional tools can't always see the opaque threats that live inside connected devices, explore Software Bill of Materials (SBOMs) and how to generate them, and discover how to build a product security strategy that leads to more secure products and software supply chains.

About the Speaker

Jason Ortiz is Engineering Manager at Finite State and has over 10 years of experience in the US Intel Community and more than five years in commercial cyber security services. In his role, Jason leads the team that develops necessary interfaces between the Finite State Platform and data for use by customers and partners in their business context. Jason is also President of the Indiana InfraGard Members Alliance, a partnership between the FBI and the private sector that facilitates public-private collaboration and information sharing, and a proud Boiler alum!

Ways to Watch

Watch Now!

Over 500 videos of our weekly seminar and symposia keynotes are available on our YouTube Channel. Also check out Spaf's YouTube Channel. Subscribe today!